A Note on Lockboxer Security

By Ionut Trestian

For Lockboxer, security is essential.

First, we understand that our clients want the best experience in terms of availability, reliability, and ease of use when using our service. And we understand that trading security for any of the above is unacceptable.

We also understand that security is an ongoing race. The recent
attacks on PayPal, Visa, Mastercard, and the Sony network have not
only cost the involved companies a great deal of money but they have
also shown that given the circumstances, any service can become vulnerable at some point in time. Security is not a one-moment thing, such as a component that you acquire, but a constant battle in which we are committed to both keeping our software components patched, bug-free, and up to date and to using the latest security products and practices.

Lockboxer security is based on these points:

–      GeoTrust SSL certificates. GeoTrust guarantees that when your computer interacts with Lockboxer, it is indeed Lockboxer that you are dealing with and not an impersonator trying to get access to your sensitive information. This is the age of scam attacks. We all are the targets of large amounts of spam emails that guide us to websites that try to steal our information. We therefore want to make sure that our users get the maximum protection available.

–       Secure servers. We use Amazon S3 for storing user information.
During one of the latest hacking campaigns carried out by the
Anonymous group, Amazon was the only service that they couldn’t take
down. They managed to take down several Swiss financial
institutions, PayPal, Visa, and Mastercard (the reason being that all
of the above companies have cut the accounts associated with
WikiLeaks).

–     No sensitive information required for using Lockboxer. We do not
store credit card information (we only hand it to Authorize.net for
processing). We also do not require the actual physical address of
users (not even for our paying customers) so an address will never be linked to the stuff in someone’s home.

–     Our team members regularly test the security of Lockboxer. We have team members dedicated to regular tests of Lockboxer security to make sure that we are ahead of any of the bad guys.

One final thing to remember is that we will never ask for your
Lockboxer credentials via e-mail. If you do receive an email that
looks like it is coming from Lockboxer asking for such information, do not respond.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s