Nimbus Web - Security


Every day, numerous Nimbus Note users trust us to keep thousands of their ideas and notes safe. They rely on us to protect the privacy and security of that data. The information on this page is intended to help you understand how we keep the data entrusted to us secure. We will add more information as our security options are expanded and our products receive even more protection.

Security Program

Nimbus Note has a dedicated security team that makes sure any data stored on our server is protected at all times. The security team is responsible for the in-house Incident Response program, which includes giving company employees the guidance they need regarding any suspicious activity. There are specific procedures and tools for addressing security issues, and we implement the latest technologies to detect attacks against our system, services or personnel in a timely manner.

Our infrastructure and applications are checked on a regular basis to detect any potential vulnerabilities and improve the aspects likely to impact the security of our customers' data. New tools and technologies aimed at enhancing the depth and comprehensiveness of our in-house security assessments are continually examined by our expert security team.

Email Security

With Nimbus Note you can create notes that are saved to your account by sending e-mails to a personal, unique e-mail address within Nimbus Note. To make sure you never receive spamware or malware, all incoming e-mails are scanned with a powerful commercial anti-virus engine.

Product Security

Ensuring complete security of our Internet-facing service is critical to guarantee supreme data protection to our users. We have an application security program in place to ensure and improve code security hygiene and run assessments of our service quality regarding most common application security issues like CSRF, injection attacks (XSS, SQLi), session management, URL redirection and clickjacking.

All third-party client applications are authenticated by our web service using OAuth. OAuth provides a way to grant a third party access to your account without giving it your actual login information. Once you sign in to Nimbus Note successfully, an authentication token is returned to the client. From that point on, the client uses that token to authenticate to your account. That way, no third-party application will ever have access to the username and password on your device.

All Nimbus Note data is stored in Amazon's AWS cloud services: Amazon AWS, Amazon RDS and Amazon S3. All information protection methods available at Amazon are used to protect that information.

Transport Encryption

Nimbus Note protects your data in transit in line with industry standards, using Transport Layer Security ("TLS"), also known as Secure Sockets Layer ("SSL") technology. We support a variety of cipher suites and TLS protocols to balance strong encryption for browsers and compatible clients with backward compatibility for legacy clients that may require it. We intend to continue working on our transport security approach to ensure superior protection of your data.

We support STARTTLS for both inbound and outbound email. If TLS is supported by your mail service provider, encryption of your e-mail will occur while in transit to the Nimbus Note service and from it.

Manual note encryption in Nimbus Note

Users can use additional encryption for specific notes and protect them with a special password. The entire contents of the note get encrypted: text, pictures and attachments. Tasks from the To-Do list do NOT get encrypted.

Technical characteristics of encryption:

RSA_PKCS1 standard certificates are generated for users. The certificates are encrypted with the AES-256 algorithm based on the password hash. A session key, 256 bits long, is generated for each file by the RSA encryption algorithm. The files are encrypted using the session keys and the AES-256 algorithm in CBC mode. The SHA256 algorithm is used for hashing.
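
The following added example (not Nimbus Note's own code) walks through the scheme described above using Node.js's built-in crypto module. It assumes a 2048-bit RSA key, OAEP padding for wrapping the session key, an IV stored in front of each ciphertext and a password key equal to SHA-256 of the password, none of which the page specifies; all function names are hypothetical.

```javascript
// Added illustration, not Nimbus Note code. Assumptions: 2048-bit RSA, OAEP key
// wrapping, IV prepended to ciphertext, password key = SHA-256(password).
const crypto = require('crypto');

// AES-256-CBC with a fresh random IV stored in front of the ciphertext.
function aesCbcEncrypt(key, plaintext) {
  const iv = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
  return Buffer.concat([iv, cipher.update(plaintext), cipher.final()]);
}

function aesCbcDecrypt(key, blob) {
  const decipher = crypto.createDecipheriv('aes-256-cbc', key, blob.subarray(0, 16));
  return Buffer.concat([decipher.update(blob.subarray(16)), decipher.final()]);
}

// 256-bit AES key taken from the password hash (plain SHA-256 here).
function passwordKey(password) {
  return crypto.createHash('sha256').update(password, 'utf8').digest();
}

// Generate the user's RSA pair in PKCS#1 DER form; the private half is only
// kept encrypted under the password-derived key.
function createUserKeys(password) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'pkcs1', format: 'der' },
    privateKeyEncoding: { type: 'pkcs1', format: 'der' },
  });
  return { publicKey, lockedPrivateKey: aesCbcEncrypt(passwordKey(password), privateKey) };
}

// Per-file 256-bit session key: encrypts the file, then is wrapped with RSA.
function encryptFile(publicKeyDer, data) {
  const sessionKey = crypto.randomBytes(32);
  const pub = crypto.createPublicKey({ key: publicKeyDer, format: 'der', type: 'pkcs1' });
  return { wrappedKey: crypto.publicEncrypt(pub, sessionKey), body: aesCbcEncrypt(sessionKey, data) };
}

// Unlock the private key with the password, unwrap the session key, decrypt.
// A wrong password throws (bad CBC padding or an unparsable key).
function decryptFile(lockedPrivateKey, password, file) {
  const der = aesCbcDecrypt(passwordKey(password), lockedPrivateKey);
  const priv = crypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs1' });
  const sessionKey = crypto.privateDecrypt(priv, file.wrappedKey);
  return aesCbcDecrypt(sessionKey, file.body);
}
```

Because CBC carries no integrity tag, this example detects a wrong password only through the padding or key-parsing error raised during decryption.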