Email Security at SaneBox

Security at SaneBox is job one.

By design, we limit the information that is held on our servers.  Your email never resides on our servers, except for the moment that we send your SaneReminders email back to you (and even then we try to measure in seconds the time that any one email is on our disks).

Also by design, SaneBox acts as a client so that if our service should be down for a minute or two (we shoot for 5 9's of uptime), your email will continue to be delivered to your Inbox. The only side effect of our being down would be that your unimportant email will linger in your Inbox, mocking you.

We approach security as 4 layers.  Each layer, while as impervious as we can make it, is backstopped by the other layers.

Physical security – we co-locate with CDW in secure/hardened facilities in secure racks.

Network security – the service and database machines do not accept any connections from the public internet. A hacker would have to a) create a VPN connection to our private network, b) guess our SSH keys to a bastion host, and c) figure out SSH keys to one of the service machines, and even then d) the thing they are looking for is secured with bank-quality encryption.

Data security – your email is never resident on our servers (only metadata is), so the only thing of value to an outsider would be the email credentials that we use to access your email, which are bank-quality encrypted with a key that must be entered manually by a human. And at least in the case of Gmail, those credentials are only good for a SaneBox IP.

Trusted Personnel – It is only the most vetted subset of our trusted employees that even has access to that final encryption key. Think the top secret key that has to be turned to engage the nuclear weapon – that's how we feel about this final secret.

Always remember that someone could look over your shoulder someday while you type your password.  Or someone could get you to click on a phishing email and get you to enter your credentials to a phishing site.  So you should always be as careful as SaneBox.

We spend time each month looking for ways to secure the system further. So assume SaneBox is like a castle with an ever deeper moat.