We don't take security lightly, but we don't do a good job articulating how we safeguard things in the product. We'll fix this - thanks for pushing on it. There are details throughout this post, but I will summarize our high-level approach.

* When we request permissions, we request a minimal set. For example, you can connect Drive with just metadata access and our access will be scoped accordingly.
* Everything is encrypted. Importantly, it's also encrypted in the data store itself. If our DB was compromised, the entries would not be readable (ECIES, Secp256k1, AES256+CTR). The only exception is the reverse index.
* The operations that involve encryption / decryption of encrypted content live in an isolated layer.
* Token storage follows a similar methodology.
* We get a pentest and security reviews quarterly.
* We also have strict company policies around IT and infrastructure access.

That said, we aren't ever at a terminal point in our security story. Our experience has been that security-conscious companies simply turn off the ability to connect third-party applications.