When it comes to keeping your data and information secure, we never rest. We’ve built bank-grade security measures into the system to make sure you can use Dashly with confidence.
Secure data transmission: When you load a page in your browser, or upload something to Dashly, all that information is encrypted while it’s moving over the internet. We lock up your data with up to 256-bit TLS encryption, the strength of protection you get with online banking and shopping. We also support a wide variety of cyphers — another kind of code — for our communications, to ensure the highest level of encryption possible, based on your browser.
Secure data storage: Your account data is stored on servers that have strict physical access protocols, meaning there are rules in place limiting access to only the people who need it to do their jobs. The facilities are controlled with 24/7 monitoring, and the technology is digitally protected. All of your Data is housed within the Google “EU-WEST-2” Data Centre and data is encrypted at rest using AES-256 symmetric keys, with the encryption keys themselves encrypted by a key stored in a KMS and regularly rotated. This applies to SQL databases, shared/network storage as well as VM disks.
Security Testing: Dashly uses many layers of security testing. We test our systems internally, but that’s not enough in our opinion. We also regularly bring in third-party security firms such as Netitude to perform vulnerability assessments and penetration tests against our systems.
Passwords are encrypted when they’re collected, when they’re sent to our servers, and we never store them without encrypting them first, they are salted and hashed with the scrypt algorithm. In fact, all communications between our apps and our servers are encrypted using Transport Layer Security (TLS) — the replacement for Secure Sockets Layer (SSL) — the highest level of security protocols available. Beyond that, we don't store any sensitive information, such as account numbers on the device ever.
We’ve built an internal risk system that uses a wide variety of tools and insights to protect you from fraud. We’ve integrated several third-party security and anti-fraud service providers to create a layered approach to risk detection, for the highest level of protection. And our Compliance and Information Security team regularly monitors high risk and out-of-pattern behaviour to keep our platform safe.
As a company, Dashly complies with the Data Protection Act 2018 (DPA 2018). We take customer data privacy seriously, ensuring that:
Personal data is properly collected, stored, and documented.
Any usage of personal data is communicated with the proper consent.
All new suppliers, partners, assets and activities pertaining to processing personal data are subject to a review of privacy, security and compliance.
Relevant processes are followed for transfers of personal data outside the European Union.
Dashly uses Auth0.com to safeguard our users accounts, with default email verification at account creation time and during password resets. Auth0 has been built on tested, verified identity standards, including LDAP, SAML, OAuth, OpenID, OpenID Connect, and JSON Web Tokens (JWTs) - all of the common and most popular identity standards. Auth0 participates in standards organisations like the OpenID Foundation making it easy for Dashly to leverage these powerful standards to shield our own applications and APIs.
Do you have additional questions about the security of Dashly? If so, please don’t hesitate to contact us or email firstname.lastname@example.org. We’d be happy to tell you more about the many steps we take to ensure the security of your sensitive information.
Do you have additional questions about the security of Dashly? If so, please don’t hesitate to contact us. We’d be happy to tell you more about the many steps we take to ensure the security of your sensitive information.