edwardrios Show full post »
MNICHOLS2K
Hi Matt -

Thanks for passing the feedback on.  Unfortunately, until I'm convinced of the WebBrain's security is being monitored and pro-actively maintained and kept up-to-date against the security threats, I've decided to stop using it for synchronising anything beyond general reference materiel.

TheBrain is incredibly powerful software that I was on the verge of giving up on due to data security concerns, however rather than abandoning the solution entirely, I'm going to work around web security by using the ZIP function to transfer brains via USB between computers.  This is nowhere near as convenient as using the webbrain for synching brains, but security trumps convenience. 

I may have to rethink about whether I maintain a yearly subscription, or simply purchase each new version of TheBrain as it comes out, because use of the webbrain and synchronisation is the main benefit of a subscription - and if I'm not going to use it, then what is the point of paying an annual fee for software that only goes through a major version update once in a blue moon?

On a very positive note:  it is good to see that the new version 9 of TheBrain has moved away from using Java.

I hope TheBrain takes the opportunity to get its security setup audited and certified by a third-party so those of us who are concerned about the privacy and security of our data can continue using the service with confidence.

Kind regards
Quote
lilyoliver
If i want to store sensitive data in my webbrain (private part) is this secure ? And by what standards ? 

Lily Oliver | instagram video downloader
Quote
Brigitte
Hi Lily,

TheBrain 8 Cloud Security:
TheBrain Cloud services uses the same encryption technologies used by governments, banks and the military to keep your data from prying eyes. During synchronization, your data is transferred using SSL encryption so it is not vulnerable to interception. For data storage, RSA encryption is used on all attachments, icons and images.  This server is hosted by Amazon web services.

For more information, see http://aws.amazon.com/security/

TheBrain 9 Cloud Security:

TheBrain 9 uses a completely different architecture from TheBrain 8 and we are enhancing security as part of that transition.

TheBrain 9 servers are hosted via Microsoft Azure and not AWS.

At present, there is no facility for accessing information even by administrators without the login information. Additionally, our services agreement does not permit us to access user data for any purpose beyond providing services to the user.

- Passwords are salted and hashed using a unique-per-user salt.

- File attachments and notes are now encrypted using a 256-bit AES cipher (one of the strongest block ciphers available).

- We will put together a technical overview of security features of TheBrain 9 as we get further along or soon after the release. 

Best regards,
Brigitte
TheBrain Technologies


Quote

Newsletter Signup  Newsletter        Visit TheBrain Blog   Blog       Follow us on Twitter   Twitter       Like Us on Facebook   Facebook         Circle Us on Google+  Google         Watch Us on Youtube  YouTube       

TheBrain Mind Map & Mindmapping Software     Download TheBrain Mind Mapping Software