Security is a Team Sport

The security of your information is of utmost importance to us. To keep it safe, it takes effort from all of us.

Your Part

Some simple habits can go a long way. These principles are not just good for Daylite, but they are good in general.

Passwords & Passcodes

You should follow good password principles for Daylite, your Mac and your iPhone/iPad. Make sure you, and your staff have a strong password/passcode and don’t share it with anyone. Be extremely wary of emails with links, whose destination ask you for credentials.

Use FaceID or TouchID on your Mac and your iOS device.

Secure your Local Storage

One of Daylite’s benefits is that it keeps a local copy of some of your data so it’s best to secure the local storage on each of your devices.

If you have a passcode on your iOS device, then the contents in storage are encrypted.

On your Mac, you need to enable FileVault. In the event, your Mac is stolen or forgotten someplace, the contents of the drive become useless without your password.

Sleep and Screen Saver

Require a password for when your Mac goes to sleep or the screen saver kicks in.

Keep your OS up to date

Vulnerabilities are found regularly and Apple does a good job at addressing them promptly. All you need to do is keep your OS up to date on all your devices. Forgetting some devices is easy, so make sure to check each one regularly.

Learn more about Apple’s macOS and iOS security options.

Our Part

We’ve gone to great lengths to make sure our systems are secure.

Data Storage Security

We’ve chosen cloud providers that have excellent physical and infrastructure security and that are compliant with the ISO27001 standard and as of May 27, 2020, we are ISO27001 certified.

Further, all on-disk storage is encrypted so that data is not compromized when storage media is disposed of or in need of physical repair.

Transmission Security

We use modern and strong encryption for any and all communication between Daylite on Mac/iPhone/iPad, Account Manager in your browser and CalDAV/CardDAV clients and our data centers.

These modern features include TLS 1.2, Certificate Pinning, Perfect Forward Secrecy and more.

Staff Access

The production cloud infrastructure is completely segregated from Marketcircle’s internal network and requires a separate set of credentials for logical access using SSH public-key authentication.

We have a strict process in place that limits the access to our infrastructure to a handful of authorized employees.

Our 2nd level support staff have no access to your data unless you explicitly give permission, for a limited time, for support reasons. The rest of our staff have absolutely no access whatsoever to your data.

Security Updates

We actively monitor all security alerts and apply security updates aggressively, applying security patches to our various systems regularly.

Questions?

If you have any other questions about security, please contact us at privacy-officer@marketcircle.com