How Secure is MakeWay?

Overview

Your data is secure. We protect data in transit (with HTTPS), store it safely and back it up daily. We use well-known providers for cloud servers and storage. And we use modern technology with up-to-date security patches.

Encryption

All data in transit is encrypted (HTTPS). All files you and your clients share are also encrypted at rest.

Clients, file metadata (name, description, etc), messages, event data, and other application data are not encrypted at rest, since they are active records in the database. These are encrypted in transit and protected via secure server access controls.

Daily database backups are encrypted at rest.

Passwordless

User passwords usually make systems less secure.

• Users reuse password across sites, so if one site gets hacked, passwords are at risk.
• Weak passwords can be guessed, for example, by brute-force attacks.
• Password login is vulnerable to credential stuffing attacks.
• More vulnerable to phishing attacks.

We use passwordless authentication via magic link and OTP with short expiration times, tokens that invalidate, and rate-limited endpoints.

Reputable Providers

For cloud servers, we use Hetzner and Cloudflare, and Cloudflare R2 for storage. They have a solid reputation regarding security and stability.

We do not handle billing information directly. We use Stripe as our payment processor.

Updated software and libraries

We run stable and secure versions of our software, with the latest security patches.

Daily backups

We perform daily backups to protect and preserve your information.

Need more information?

Email [email protected] and we'll be happy to help.