You are trusting our service with the most important information and documents you own and that's a responsibility that we take extremely seriously. Your data is always encrypted so that no one but you and your trusted nominees can view it (and that includes us)
AES-256 encryption with unique keys
SSL using 2048-bit certificates
MyHalo - A Cyber Secure Application
Access is limited to you alone
2 step login for added safety
Following guidelines to the letter
We store all data within the MyHalo Application using AES-256 encryption with a unique key for each user. Every single personally identifiable field in the database, including your name and email address is encrypted. For searching and indexing, we hash the minimum number of data fields using HMAC. We apply the same encryption technique to all files you upload. As with all systems such as ours, the security of your information also depends on you. Please choose a really strong password (we enforce that as best we can) and never share it with anyone. MyHalo is a secure vault for sharing information with others via a nominee function that only you control.
Communication between you and the MyHalo Application is always encrypted via SSL using 2048-bit certificates with SSL being a requirement on all server interactions. 2048-bit RSA keys are roughly equivalent to a Security Strength of 112. Security strength is a number associated with the amount of work required to break a cryptographic algorithm. 2048-bit is currently (2021) the highest rated encryption key for the web.
MyHalo follows best practices to keep your data secure. We audit our environments and code for security issues on a regular basis and apply patches expeditiously whenever required. We use commercial services that regularly check our site and server for vulnerabilities and we retain our own third party security software to probe and verify the security of our site.
Our encryption methods and procedural policies prevent any MyHalo administrator from gaining access to your data beyond a very limited set necessary to help grant you access to your account and restricting access to your account in urgent circumstances (for example limiting or removing access for one of your nominees). The unique key that encrypts your data means we cannot see the information that you enter or any of documents that you upload. We log and regularly audit all access to your account, whether by you, an administrator or one of your nominees.
Two-Factor Authentication (2FA) works by adding an additional layer of security to your online accounts. It requires an additional login credential – beyond just the username and password to gain account access, and getting that second credential requires access to something that belongs uniquely to you. Whenever you sign into MyHalo from a new computer, device, or browser, we will send a unique code to your phone that you must input as part of your login. Remember to carefully check all web address URLs and links before clicking through though just to make sure you are linking to MyHalo and not somebody pretending to be us.
If you have any questions or concerns about security or require further information regarding your data, please feel free to email us on: [email protected]