In this blog post I’d like to explain why the security and safety of your data is our priority, what we’ve done so far and what we’ll be doing in the near future to actually make it even better and more secure for you to get things done and communicate effectively through tasks in Nozbe.
I’d like to mention a few things:
- how our server infrastructure is built
- how we store your data (tasks, files, attachments, 3rd party files)
- how we do backups
- how we can keep Nozbe Teams going even through a major catastrophe…
- who has access to your data
- and what’s still to improve here :-)
This entry is updated regularly. The last update: March 2020.
So, let’s dive right into these questions:
Nozbe server infrastructure? Where are my tasks “physically”?
Short answer: In Ireland.
Long answer: Our main servers are located in Ireland - this is where our main database is stored. We chose Ireland because we wanted your data to be stored outside of US jurisdiction and in a country with great Internet infrastructure and within the European Union which has all the strictest customer safety policies in the world. For your sake.
Speed is of no concern: Nozbe is a set of native or web clients that communicate with the sync server in Ireland. The initial “hello” with the server is a little slower for our US customers (100 milliseconds vs 20 or so) but the data sent in each sync are as fast as can be, so having the main server in Europe doesn’t impact customer experience.
Is my data backed up anywhere else?
Short answer: Of course, and multiple times at that!
Long answer: Yes, many times over. First off, on the same database we’ve got copies of all the tasks, even the ones that you delete are stored for up to 30 days before they are purged forever. This way if you deleted something accidentally you can still contact support and have it brought back. Neat, right?
Second, our servers in Ireland are backed up daily as per normal backup policy. But this is NOT enough!
We’ve got two simultaneous “live” back ups to two different countries!
The additional database backup is stored in encrypted form in Amazon S3 in Paris, Europe.
So yes, there are two different data storages in different countries. This way we know for a fact that we’ll never lose a task or a file belonging to any of our customers ever. And I do mean, ever. But there’s an added bonus to it:
Why do you have copies of Nozbe databases? Getting ready for a cataclysm?
Short answer: Because we want both you and us to sleep well at night. A good night’s sleep is really important for your productivity :-)
Long answer: Not only do we make sure that we’ve got copies of your data safe and sound, we’ve got a way to actually bring Nozbe back to life even if something really bad happened to our servers in Ireland.
We can bring Nozbe back to life in 15 minutes max. You wouldn’t even notice.
Yes, in case of a major catastrophe to our main servers in Ireland, we have an automated way of creating a secondary “main” Nozbe server in a different data center and thanks to re-linking the database servers, we’d have Nozbe Teams back live in less than a quarter of an hour with all the data up to the second of the cataclysm. And as your Nozbe Teams client app will just sync normally with the new server like nothing happened… you likely wouldn’t even notice this down time.
Yes, we’re that crazy about keeping Nozbe alive and your data intact.
OK, I’m so relieved now. But where do you store the files I attach to my tasks and projects?
Short answer: On Amazon S3. Totally encrypted.
Long answer: We store all of the files you upload to Nozbe Teams tasks or projects on the Amazon S3 server infrastructure. We encrypt your files while uploading them to Amazon S3 with encryption keys stored on different servers. This way nobody on the Amazon team (or our team for that matter) can actually read your files even if they wanted to.
We’re in the process of creating additional encryption mechanisms for Nozbe Teams users to give them an even greater sense of security.
And we still backup your files to additional servers just in case. Yes, we’re that crazy about backups.
What happens if I cancel my Nozbe account?
Short answer: We delete everything you stored in Nozbe Teams. We log your personal details in our history.
Long answer: When you cancel your Nozbe account, we delete all of the tasks, projects and files you stored with us. Everything. We only log your personal details (name, email, country) in our history to be able to recognize you when you come back or have a record of you ever being our customer. We can remove this info upon request, too.
If you’re a team owner, all your workspaces will be deleted and all your team members will loose access to them. All projects, tasks and all data in the team will be deleted. If you remove somebody from your team, they’ll loose access to the team and their account will be deleted.
Who accesses my Nozbe account?
Short answer: Nobody. Unless you ask us to.
Long answer: Only four people (including me) have access to the server database with all customers data. The customer service staff has a special support panel where they can look up your info if you contact them and ask for that. They see your account history, logs, etc. BUT without revealing too much personal information (mostly without the actual content - e.g. only unique ID of the given project/task/comment).
Frankly, we are focused on making this system the best there is, so we’re crazy about securing your data, and we really do everything in order not to need to see your data. That’s why we restrict this so much.
What’s next for Nozbe security and safety?
Short answer: Still a lot to do!
Long answer: As mentioned above, we’re improving our system on a regular basis. We regularly introduce more safety measures, more monitoring scripts and automated ways to find bugs and errors, so that you can focus on getting your tasks and projects done and we can focus on bringing you the best toolset to do just that.
Thanks for being a part of this and for helping us make the world a more organized place!