Skip to main content
If you require more details about what safety measures are taken on our side as data processor, you can find them in this document.

Safety measures implemented by Cryptolens

When developing Cryptolens, we apply an assume breach policy. This means that we develop components in such a way as to ensure that if a breach occurs, we can minimize its damage.

When data is no longer needed

Cryptolens strives to only store data that is needed to provide the service. Once such data is no longer needed, it will be removed or anonymized.

Access to the information

Access to your information is restricted to specific employees. All employees that need to access your information have signed a non disclosure agreement. By default, none of our employees access your data unless you ask us for help with troubleshooting. In such cases, sensitive data is masked and we always strive to minimize access to the information to what is needed to help you with a certain query.

Protection of the database

Encryption of data at rest

We use the built in feature of Azure SQL Server for encryption of data at rest.

Firewall & restricted permissions

Our database firewall is restricted so that only authorized services can access it. Moreover, we restrict the permission each service has and mask sensitive fields.

Backup & protection against accidental loss

Automatic backups occur on a daily basis.

Safety measures that you can enable.

In order to safeguard customer data and ensure compliance, both you as a software vendor and us as the data processor have to cooperate. In this section, we have outlined several tips of how to increase safety when using Cryptolens.

Access tokens

Restrict the scope

It is important to create access tokens that have very constrained scopes of permissions. For example, be specific by:
  • limiting the set of methods that the access token has access to
  • selecting the product the access token will work with
  • using feature lock for data masking, where applicable

Using feature lock for data masking

Methods such as Activate and GetKey allow you to mask certain fields to boost privacy. Masking is especially important if you are developing an SDK. We recommend that you mask:
  • Notes, Data objects - if you are storing data related to your customer, since it will be visible by all the end users.
  • Activated Machines - should always be masked since it reveals personal identifiable information about the customers.

Securing your account

Strong password

Always use a strong password and preferably one that you cannot remember, relying on a password manager.

Setting up two-factor auth

Two-factor auth provides an additional layer of protection on top of the password. Please

Making sure we have your correct email

On the security settings page, please makes sure we have your correct email address.

Disable Web API 2

Please do not use Web API 2. It can be blocked on the security settings page.

Add object locks

You can add Object locks to prevent accidental deletion of objects, for example, products and access tokens.