Locker uses cloud services from some of the world’s leading providers for its infrastructure. These suppliers all have to meet minimum industry standards including
- ISO/IEC 27001: ISO information security management standard.
- AICPA SOC 2: AICPA data security standard.
- CSA: Cloud Security Alliance cloud service security standard.
Locker is designed and built with redundancy for our data centers, minimizing the risk of inaccessibility. Even when users do not have Internet access, they can still access their data through the copy previously downloaded on their application.
Locker database and API services are designed to be replicated with continuous synchronization. If a node or even a cluster goes down for any reason, the remaining nodes can continue running to ensure all user activities go on as usual.
Locker stores user data in the form of files and databases at our trusted storage servers. All the data is encrypted using each user’s Master Password combined with Encryption of Data at Rest from Cloud service providers. Only users can decrypt and access their own confidential data. No one else can do it, not even the Locker team.
We periodically back up and store user data in the data centers of leading Cloud service providers such as AWS, GCP, and Azure to ensure that even if something goes wrong, the data remains safe and recoverable.
All data is transferred through encrypted communication channels (SSL/TLS), combined with AES-256 encrypted data. With this design, man-in-the-middle attacks are disabled.