All your WorkFlowy data is stored on our servers, which means you can access it anywhere, from any computer. We have taken industry-standard measures to secure the data, and we make secure backups daily.
Your data is encrypted both in transit and at rest, and all our infrastructure exists within a virtual private cloud on Amazon Web Services.
Our security infrastructure was designed by Ben Whaley one of the people who literally wrote the book on Linux system administration.
Comments
11 comments
Can anyone read my data stored on your servers? e.g. your support team etc.?
Is there any way you could please implement 2 factor authentication support? I keep a ton of important data in Workflowy and 2fa isn't all that hard to implement.
I'm also interested in Manmeet Bhangu's question. If the support team needed to, could they use some means to view my account data in cleartext?
Another security-related suggestion: could you give me the option to limit the amount of data (bullets) that can be copied/saved? If I leave my computer unattended someone can copy all my data from workflowy in a couple of seconds, for example. I think the copy/download feature is veery practical, but I would like to have the option of some kind of user-defined limit after which one needs to introduce his password in order to complete the copy operation. Several sites have this kind of approach to more sensitive data.
Sasha, can you provide more information on how it's encrypted on your end. Particularly interested in an unambiguous response to Manmeet's question, "can anyone read my data stored on your servers? e.g. your support team etc.?"
The fact that you have a full copy of it, and that you make daily backups, simply means there are certain business sensitive pieces of information we cannot responsibly put on workflowy right now.
This begs the question, is there any way for users to host workflowy information on their own server somehow? So it is still accessible on the cloud, but where a user or business with privacy needs is in control of the only copy of the data?
These are important questions--why hasn't anyone from Workflowy responded???
I wonder if they read their support forums. 2 factor authentication is critical.
My subscription is paid up for the year, but client side encryption is essential if I'm to continue using Workflowy. I have client data that cannot be placed into third party hands unless it's encrypted.
Hi all, sorry for the wait. We mainly monitor our support requests, but will aim to get questions people post on the comments here. However, please do use our support system to get immediate answers to questions.
I know that our team would like to eventually support two-factor authentication.
While the data is encrypted, our team does have the ability (with users' permission) to view the actual data for recovery purposes. Here is our privacy policy....
https://workflowy.com/privacy
For any new feature requests, please log those in the support system or email help@workflowy.com
Thanks,
Sasha
Seems to me that 'permission' isn't really required for a user at Workflowy to access an account. Just a courtesy for the subscriber, or am I wrong?
I don;t put anything confidential in Workflowy, but it would make definitely more comfortable to use a backup service like Spideroak, or one of the other ones that advertise zero knowledge.
Article is closed for comments.