Security & reliability

Security measurements

At Clocky we take security very seriously, all of our systems complains with the latest security measures and techniques to protect our clients data and avoid leakages. Some of the security practices our systems follows:

• End to end encrypted communications (https and sockets).
• Our app databases does not storages passwords or high sensitive data.Clocky does not use passwords at all, as this usually represents a security risk; we use one-time tokens instead.
• Our systems do not use centralized databases; we separate our databases by clients and servers.
• Our internal systems have detailed activity logs.
• We take security audits periodically.
• Our infrastructure uses high network security measurements.
• Our servers are stored in safe facilities with very safe physical security controls.
• Our personnel do not execute arbitrary procedures; we strictly follow only our internal procedures and policies.

Backups and data preservation

Our systems backups all of our data on a daily basis, all our backups are encrypted with military grade encryption algorithms. At Clocky the high sensitive data is encrypted twice, using two different algorithms.

We do not save encryption keys in clear text. We encrypt them, and distribute them in pieces across our servers using a safe secret sharing protocol. 

Our backup system is fault tolerant; we safe our data in several locations.

Security and maintenance

We update our systems and libraries periodically. Our team is always monitoring the latest Common Vulnerabilities and Exposures (CVE).

Incident response

In case of a data exposure, we have procedures in place that instruct clearly how and when to make a timely responsible disclosure to the affected parties, with a first notification within 72 hours of the incident detection. 

These are not the only ones security measures at Clocky, if are interested and want to know more, feel free to contact us at [email protected].