Main Security Principles

Last modified Jun 22, 2022
Main Security Principles
 
  • Trusted Data Access: We make sure you can reliably and securely manage and access your confidential data whenever and wherever you need it, whether you are offline or online.
  • Data Readable ONLY to You: Locker is a solution that combines Zero-Knowledge and End-to-End encryption. This means that data is encrypted and decrypted only on your device while the Locker servers are responsible solely for transferring and storing encrypted data. This ensures that only you, who hold the Master Password as well as the keys to access and decrypt everything, can decrypt to see your secret data. No one else can do it, not even the Locker servers.
  • Application of the Best Security Technologies: Locker applies the highest security standards to storing and transferring users’ confidential data. Our designs protect you against malicious attacks such as brute-force or unauthorized data access.
  • Secure Storage Infrastructure: We currently use the network infrastructure of the world’s leading service providers (AWS, Digital Ocean) to store user data; this helps ensure that the system is always secure and stable.
  • Timely Incident Response: Operating the system 24/7, the Locker team closely monitors any abnormality and immediately responds to any issue.
  • Continuous Security Evaluation: Locker has Bug Bounty programs for the world’s top researchers to perform continuous vulnerability assessment and penetration testing on the product. Besides, the CyStack team of security experts directly assesses and analyzes risks of the system on a periodical basis to ensure that Locker is always in the best security condition.
  • Centralized Management: For businesses, Locker provides a web-based administration dashboard where administrators can set up security policies, monitor security status, and create reports. All user activities are logged so that administrators can analyze and evaluate them later.