Ever since I founded Nozbe back in 2007, the security and safety of customer data as well as the stability of our infrastructure were my biggest points of focus. To the point that I’d wake up in the middle of the night to check if our servers were still up… Over the years we’ve had our failures, outages and issues… but if you’ve been with us for the last few years you’ll have noticed that our infrastructure has been rock-solid for a while now.
In this blog post I’d like to explain why that is, what we’ve done so far and what we’ll be doing in the near future to actually make it even better and more secure for you to get things done and communicate effectively through tasks thanks to Nozbe.
I’d like to mention a few things:
- how our server infrastructure is built
- how we store your data (tasks, files, attachments, 3rd party files)
- how we do backups
- how we can keep Nozbe going even through a major catastrophe…
- who has access to your data
- and what’s still to improve here :-)
So, let’s dive right into these questions:
Nozbe server infrastructure? Where are my tasks “physically”?
Short answer: In Germany. The same Germany that’s a current World Champion in Football/Soccer :-)
Long answer: Our main servers are located in Germany - this is where our main database is stored. We chose Germany because we wanted your data to be stored outside of US jurisdiction, in a country with great Internet infrastructure, and within the European Union, which has the strictest customer safety policies in the world. For your sake.
Speed is of no concern anymore: Now that Nozbe is a set of native or web clients that communicate with the sync server in Germany, the initial “hello” with the server is a little slower for our US customers (100 milliseconds vs 20 or so) but the data sent in each sync travels as fast as can be, so having the main server in Europe doesn’t impact customer experience.
Is this server in Germany safe? How safe?
Short answer: It’s as safe as your online banking servers.
Long answer: Because we deal with your confidential data and because we can accept credit cards in our checkout system, we’re obliged to undergo regular quarterly security audits. Comodo, a global leader in cyber security solutions, audits our servers and forces us to comply. This way our servers are regularly checked and updated against the latest vulnerabilities and hacks. Again, let me repeat that - an external authority is auditing our servers regularly and we must comply. And we want to. Safety first.
One more thing - while we do accept credit card data, we don’t store credit card numbers in our database. We send it securely to our payment partner, PayLane, and they store it as they have the infrastructure for this. We prefer to worry about your tasks and projects and let the financial experts worry about their things.
Is my data backed up anywhere else?
Short answer: Of course, and multiple times at that!
Long answer: Yes, many times over. First off, on the same database we’ve got copies of all the tasks, even the ones that you delete are stored for up to 30 days before they are purged forever. This way if you deleted something accidentally you can still contact support and have it brought back. Neat, right?
Second, our servers in Germany are backed up daily as per normal backup policy. But this is NOT enough!
We’ve got three simultaneous “live” backups on three different continents!
Our main database is being copied live (as in: each second!) to three independent destinations: our servers in Ireland, Japan and Australia.
Yes, three different servers in three different countries on three different continents. This way we know for a fact that we’ll never lose a task belonging to any of our customers ever. And I do mean, ever. But there’s an added bonus to it:
Why do you have so many copies of Nozbe databases? Getting ready for a cataclysm?
Short answer: Because we want both you and us to sleep well at night. A good night’s sleep is really important for your productivity :-)
Long answer: Not only do we make sure that we’ve got copies of your data safe and sound, we’ve got a way to actually bring Nozbe back to life even if something really bad happened to our servers in Germany.
We can bring Nozbe back to life in 15 minutes max. You wouldn’t even notice.
Yes, in case of a major catastrophe to our main servers in Germany, we have an automated way of creating a secondary “main” Nozbe server in a different data center and thanks to re-linking the database servers, we’d have Nozbe back live in less than a quarter of an hour with all the data up to the second of the cataclysm. And as your Nozbe client app will just sync normally with the new server like nothing happened… you likely wouldn’t even notice this downtime.
Yes, we’re that crazy about keeping Nozbe alive and your data intact.
OK, I’m so relieved now. But where do you store the files I attach to my tasks and projects?
Short answer: On Amazon S3. Totally encrypted.
Long answer: We store all of the files you upload to Nozbe’s tasks or projects on the Amazon S3 server infrastructure. We encrypt your files while uploading them to Amazon S3 with encryption keys stored on different servers. This way nobody on the Amazon team (or our team for that matter) can actually read your files even if they wanted to.
We’re in the process of creating additional encryption mechanisms for our Nozbe Business customers to give them an even greater sense of security.
And we still back up your files to additional servers just in case. Yes, we’re that crazy about backups.
What happens to Evernote notes, Box, Dropbox, Google Drive and (soon) OneDrive attachments?
Short answer: We attach URLs for these resources.
Long answer: If you attach a file or note from these services through our integrations, we generate a unique URL for each file and attach it to the task as a comment.
In Evernote’s case, we also cache the thumbnail and contents of the last version of your note so that we can display it properly inside our app.
We’re currently investigating how to make this process even more secure with additional safety measures or finding a way to attach these third party files better.
What happens if I cancel my Nozbe account?
Short answer: We delete everything you stored in Nozbe. We log your personal details in our history.
Long answer: When you cancel your Nozbe account, we delete all of the tasks, projects and files you stored with us. Everything. We only log your personal details (name, email, country) in our history to be able to recognize you when you come back or have a record of you ever being our customer. We can remove this info upon request, too.
If you’re a team owner, only your tasks and projects will be deleted and purged forever within 30 days. Information in the shared projects will remain available to the other people and everyone on your team will be downgraded to “short trial.” If you remove somebody from your team, they’ll be out of the projects that they shared with your team members but their data will not be deleted, they’ll just be downgraded to “short trial” as well.
Who has access to my Nozbe account?
Short answer: Nobody. Unless you ask us to.
Long answer: Only the CEO (that’s me) and CTO (Tomasz) have access to all the customer databases. Our VP of Software (Chris) and VP of Product (Rafal) can have access to our backup databases upon request from one of us. The customer support staff has a special support panel where they can look up your info if you contact customer support. They have your history there, logs, etc… but without revealing too much personal information (example: log details show the first two and last two characters of a task, not the whole name of a task).
If your issue is very account-specific and (in very rare cases) the customer support representative needs to access your account, they can do that if you want them to. Each visit is logged and checked by us later to make sure this is not abused and only used in very rare situations.
Frankly, we have over 300,000 users on Nozbe and we are focused on making this system the best there is so we’re crazy about securing your data and we really do everything in order not to need to see your data. That’s why we restrict this so much.
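The support-log masking described above (first two and last two characters of a task name), as an added Python example that is not Nozbe's code. The function names, the `…` filler, the `MIN_HIDDEN` threshold for short names and the sample events are assumptions made for illustration.

```python
import unicodedata

KEEP = 2        # characters shown at each end, as the post describes
MIN_HIDDEN = 3  # assumption: hide at least this many characters, else mask everything
MASK = "…"      # assumption: fixed-width filler, so the log does not reveal name length


def redact_task_name(name: str, keep: int = KEEP, min_hidden: int = MIN_HIDDEN) -> str:
    """Return a log-safe form of a task name: only the first and last `keep` characters."""
    # NFC-normalize so an accent stored as letter + combining mark counts as one character.
    text = unicodedata.normalize("NFC", name).strip()
    # Edge case: for short names, "first two + last two" is most or all of the name,
    # so nothing is shown at all.
    if len(text) < 2 * keep + min_hidden:
        return MASK
    return f"{text[:keep]}{MASK}{text[-keep:]}"


def redact_event(event: dict, field: str = "task_name") -> dict:
    """Return a copy of a log event with the task name masked; the input is not modified."""
    safe = dict(event)
    if field in safe:
        safe[field] = redact_task_name(str(safe[field]))
    return safe


if __name__ == "__main__":
    # Constructed sample events, not real log data.
    events = [
        {"user_id": 1017, "action": "task_completed", "task_name": "Renew passport before trip"},
        {"user_id": 1017, "action": "task_created", "task_name": "Taxes"},
    ]
    for event in events:
        print(redact_event(event))
```

Masking at the point where the log entry is written, rather than in the support panel's display layer, keeps the full task name out of the log store altogether.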
What’s next for Nozbe security and safety?
Short answer: Still a lot to do!
Long answer: As mentioned above, we’re improving our system on a regular basis. We regularly introduce more safety measures, more monitoring scripts and automated ways to find bugs and errors, so that you can focus on getting your tasks and projects done and we can focus on bringing you the best toolset to do just that.
Thanks for being a part of this and for helping us make the world a more organized place!
written by Michael Sliwinski, Nozbe CEO