Maintaining the security of customer data is a paramount business concern and is necessary for the success of our business. Our overall approach to ensuring that customer data remains safe includes ensuring we have the right technology, automated safeguards and a strong internal security team.
We have designed our technology stack from the ground up to conform to the latest guidance from the security community and government standards (including following governmental recommendations when it comes to Password Security and 2-Step Verification). Our infrastructure runs in a a cloud-based environment that benefits from the same physical and electronic protections which currently ensure that financial services like Nasdaq, Dow Jones, and Capital One remain secure. Furthermore, all of our servers operate on a private network protected by strict network access controls as well as intrusion detection software.
All user data (tax returns, bank statements, etc.) is transmitted to our servers via secure HTTP (HTTPS) with 2,048 bit public-key encryption. It is then encrypted before being stored, and all access is protected by time and role-based access control. Our choice in encryption ciphers is based on recommendations from the NSA for storing Top Secret information, ensuring our standards for protecting your information exceed those used even by banks.
If you have any questions, feel free to reach out directly to our security team at firstname.lastname@example.org.