The security of your information is of utmost importance to us. To keep it safe, it takes effort from all of us.
Some simple habits can go a long way. These principles are not just good for Daylite, but they are good in general.
You should follow good password principles for Daylite, your Mac and your iPhone/iPad. Make sure you, and your staff have a strong password/passcode and don’t share it with anyone. Be extremely wary of emails with links, whose destination ask you for credentials.
Use FaceID or TouchID on your Mac and your iOS device.
One of Daylite’s benefits is that it keeps a local copy of some of your data so it’s best to secure the local storage on each of your devices.
If you have a passcode on your iOS device, then the contents in storage are encrypted.
On your Mac, you need to enable FileVault. In the event, your Mac is stolen or forgotten someplace, the contents of the drive become useless without your password.
Require a password for when your Mac goes to sleep or the screen saver kicks in.
Vulnerabilities are found regularly and Apple does a good job at addressing them promptly. All you need to do is keep your OS up to date on all your devices. Forgetting some devices is easy, so make sure to check each one regularly.
Learn more about Apple’s macOS and iOS security options.
We’ve gone to great lengths to make sure our systems are secure.
We’ve chosen cloud providers that have excellent physical and infrastructure security and that are compliant with the ISO27001 standard and as of May 27, 2020, we are ISO27001 certified.
Further, all on-disk storage is encrypted so that data is not compromized when storage media is disposed of or in need of physical repair.
We use modern and strong encryption for any and all communication between Daylite on Mac/iPhone/iPad, Account Manager in your browser and CalDAV/CardDAV clients and our data centers.
These modern features include TLS 1.2, Certificate Pinning, Perfect Forward Secrecy and more.
The production cloud infrastructure is completely segregated from Marketcircle’s internal network and requires a separate set of credentials for logical access using SSH public-key authentication.
We have a strict process in place that limits the access to our infrastructure to a handful of authorized employees.
Our 2nd level support staff have no access to your data unless you explicitly give permission, for a limited time, for support reasons. The rest of our staff have absolutely no access whatsoever to your data.
We actively monitor all security alerts and apply security updates aggressively, applying security patches to our various systems regularly.
If you have any other questions about security, please contact us at firstname.lastname@example.org