Our number one priority is protecting your data.
Security Data
We have designed Mylegabox so that we never have the access keys to your account.
- We have implemented AES 256-bit encryption with PBKDF2 SHA-256l to ensure full cloud security.
- Within our systems, all of your data is stored using AES-256 encryption with a unique derived key for each user as recommended by NIST Special Publication 800-132. We encrypt every personally identifiable field in the database, including your name and email address. To search and index, we hash a small number of fields using HMAC. We apply the same encryption technique to all the files you upload. As with all systems like ours, the security of your information depends on you. Choose a strong password (we enforce it the best we can) and never share it with anyone.
Your data is encrypted and decrypted on the device. The information stored in the vault is secret, even to Mylegabox. Your master password and the keys used to encrypt and decrypt your data are never sent to Mylegabox’s servers, and can never be accessed by Mylegabox.
All communications between you and Mylegabox are encrypted via SSL using 2048-bit certificates and we require SSL on all communications. Even if someone sneaks up on your communication, they won’t be able to decrypt the data in case our key is compromised.
Mylegabox follows best practices to keep your data safe. We regularly audit our environments and codes for security issues and apply patches expeditiously. We use commercial services that regularly review our site and employ our own security experts to investigate and verify the security of our site.
Our strict internal procedures prevent any Mylegabox employee or administrator from gaining access to your account, beyond a limited set of data necessary to help you grant access to your account (for example, trigger confirmation emails) and restrict access to your account in urgent circumstances (for example, limiting or removing a Member’s access). Mylegabox administrators can never see the plan information you fill out or the documents you upload. Mylegabox registers and periodically audits all accesses to your account, whether by you, an administrator or your delegates.
- Security isn’t just about protecting your data, it’s also about protecting access to your account. By enabling two-factor authentication, each time you log into your Mylegabox from a new computer, device, or browser, we will send a unique code to your phone that you must enter as part of your login.
- This additional layer of security ensures that even if a criminal steals your password (or from a site that is less secure than Mylegabox), they will not be able to access your Mylegabox.
- Whenever you log into your Mylegabox from a new computer, device or browser, we will send a unique code to your phone that you must enter as part of your login.
- This additional layer of security ensures that even if a criminal steals your password (or from a site that is less secure than Mylegabox), they will not be able to access your Mylegabox.
- We designed Mylegabox under the principle of keeping your personal information private, secure and protected against any type of attacker.
- All the information in Mylegabox is encrypted using the most modern standards
- Your personal information belongs only to you – only the people with whom you choose to share your information can decrypt your data
Functionalities
Policies
Trusted users
Folders by content topic
File upload
Bank account loading
Note loads
Upload passwords
