GoSimplo always encrypts your data at-rest and only transfer data externally on encrypted channels, unless explicitly disabled by the user.
GoSimplo uses the latest in Cloud Technology and Security services, including but not limited to:
Require all connections to use TLS 1.2 or better
All services are using strict firewall restrictions to limit traffic flow
User and Password Security
User passwords are stored in non-reversible hashed format. At the time of writing we are using: PBKDF2 with HMAC-SHA256, 128-bit salt, 256-bit subkey, 10000 iterations.
Users can also enable Two-Factor authentication using a TOTP token as supported by all major smart phone vendors.
Connection Configuration
Whenever possible GoSimplo uses OAuth or API Tokens to prevent storing user credentials to third party systems.
All connection tokens are encrypted with an additional layer where keys are stored in an Cloud Managed Encryption Vault / Azure Key Vault
This prevents client connection credentials from being accessible in the event of a compromised database backup.