Unlike the vast majority of service providers
we do not have a backdoor
e‑Courier’s security implementation conforms to a higher standard
The encryption algorithms and security protocols used by e‑Courier are implemented by utilizing the open source Federal Information Processing Standard FIPS (140-2) certified openSSL cryptography library. FIPS certification is a US Government security standard. The library is considered the “gold standard” for security implementations and is under constant review and is updated by the security community.
e‑Courier encrypts and protects access to data in three important ways.
A higher level of security
First, and most important, all data in transmission between a users’ browser and the e‑Courier servers uses Transport Layer Security (TLS) and implements forward secrecy. e‑Courier also only supports a cipher suite that has a minimum key length of 256 bits thus all e‑Courier data moving over the Internet, where it is most at risk, is encrypted with robust encryption algorithms and protocols.
Data stays secure and encrypted. Always.
Second is immediate and instant encryption of your data. Once data reaches the e-Courier secured servers it is read and decrypted out of the secure socket, it is then immediately re-encrypted using a robust encryption algorithm and stored on our disk drives, even before it has all been received. The user’s file and message data is never stored on our disks unencrypted.
No backdoor means no unauthorized access
Thirdly, each new email is assigned a random key, and its files and secure message are encrypted with that key. The email key is then encrypted for each correspondent with a secret known only to that user. The encrypted email keys are then saved in the database for use when a correspondent needs access to the email contents. e-Courier’s key management scheme precludes anyone, including us, from having or using a backdoor. This permanently prevents unauthorized access to sensitive data stored on e-Courier servers.
Users’ passwords are never stored on the disk in e‑Courier servers. A hash of the password is used to verify the users’ password the user logs in. So, once data has been secured, it cannot be decrypted by anyone except for the original sender or recipient(s).
All e‑Courier servers are owned and managed by e‑Courier personnel.
All e‑Courier servers are physically located in Canada in highly secure data centers that are SOC 1 (Type 2) compliant with restricted biometric access and around‑the‑clock monitoring.
Get your free 10-day trial now!
Get started today! Sign up for your free 10-day trial and get up and running within minutes. There are no feature restrictions during the free trial period.