Your SaneBox Security Questions Answered!
HIPAA Compliance:
Q: Does SaneBox offer a Business Associate Agreement (BAA)?
A: Absolutely! We understand the importance of HIPAA compliance. You can find our BAA here: link to BAA.
Data Security:
Q: How does SaneBox protect user credentials from employee access?
A: We take data security very seriously. User credentials are secured with multiple layers of protection:
- Isolated network with restricted internet access.
- Bastion host access requires individual credentials.
- Remote access only through secure VPN connections.
- Production machines have separate, strong credentials.
- Industry-standard encryption protects all credentials.
- Encryption keys are secured in a separate system.
- Only authorized senior engineers have access to critical credentials.
Q: How does SaneBox prevent accidental access to full email bodies (instead of just headers)?
A: We have robust controls:
- All access and commands are logged and reviewed daily.
- System changes undergo thorough review and testing by senior engineers.
Data Breach Response:
Q: What defines a data breach at SaneBox?
A: We have multiple safeguards:
- An intrusion detection system alerts on unauthorized access attempts.
- A secure credential store provides an additional layer of protection.
- A data breach would require overcoming both of these barriers.
Q: How does SaneBox notify users of a data breach?
A: We prioritize user notification:
- Any suspected breach triggers immediate investigation.
- We confirm whether customer data was accessed.
- All affected users are promptly notified.
Data Sharing:
Q: What data does SaneBox share with third parties?
A: We use some third-party services for monitoring and logging (with agreements):
- We share limited information for service maintenance: email address, contacts’ email addresses, message subjects, and message dates.
- We prioritize data minimization, sending only the information that is strictly necessary.
Email Content Access:
Q: Can SaneBox employees or systems access email content?
A: Technically, yes (due to limitations of the IMAP protocol). However, this access is strictly controlled:
- SaneBox reads content only for specific features: SaneReminders, SaneAttachments, and some SaneSnooze functionalities.
- With proper configuration, even content access for these features can be minimized.
Have more questions?
Contact our support team at support@sanebox.com or visit our Privacy page: link to Privacy page.
We’re committed to keeping your data safe!