Built for Ultimate Security

You are trusting our service with the most important information and documents you own and that's a responsibility that we take extremely seriously. Your data is always encrypted so that no one but you and your trusted nominees can view it (and that includes us)

SECURING YOUR DATA

alt

AES-256 encryption with unique keys

ENCRYPTED IN TRANSIT

alt

SSL using 2048-bit certificates

SITE & SERVER SECURITY

alt

MyHalo - A Cyber Secure Application

ACCESSING YOUR DATA

alt

Access is limited to you alone

TWO FACTOR AUTHENTICATION

alt

2 step login for added safety

GDPR & IASME COMPLIANCE

alt

Following guidelines to the letter

Our Systems, Your Peace of Mind

Secure Data

We store all data within the MyHalo Application using AES-256 encryption with a unique key for each user. Every single personally identifiable field in the database, including your name and email address is encrypted. For searching and indexing, we hash the minimum number of data fields using HMAC. We apply the same encryption technique to all files you upload. As with all systems such as ours, the security of your information also depends on you. Please choose a really strong password (we enforce that as best we can) and never share it with anyone. MyHalo is a secure vault for sharing information with others via a nominee function that only you control.

Encryption Procedures

Communication between you and the MyHalo Application is always encrypted via SSL using 2048-bit certificates with SSL being a requirement on all server interactions. 2048-bit RSA keys are roughly equivalent to a Security Strength of 112. Security strength is a number associated with the amount of work required to break a cryptographic algorithm. 2048-bit is currently (2021) the highest rated encryption key for the web.

Site and Server Security

MyHalo follows best practices to keep your data secure. We audit our environments and code for security issues on a regular basis and apply patches expeditiously whenever required. We use commercial services that regularly check our site and server for vulnerabilities and we retain our own third party security software to probe and verify the security of our site.

Data Access Protocols

Our encryption methods and procedural policies prevent any MyHalo administrator from gaining access to your data beyond a very limited set necessary to help grant you access to your account and restricting access to your account in urgent circumstances (for example limiting or removing access for one of your nominees). The unique key that encrypts your data means we cannot see the information that you enter or any of documents that you upload. We log and regularly audit all access to your account, whether by you, an administrator or one of your nominees.

2FA Login as Standard

Two-Factor Authentication (2FA) works by adding an additional layer of security to your online accounts. It requires an additional login credential – beyond just the username and password to gain account access, and getting that second credential requires access to something that belongs uniquely to you. Whenever you sign into MyHalo from a new computer, device, or browser, we will send a unique code to your phone that you must input as part of your login. Remember to carefully check all web address URLs and links before clicking through though just to make sure you are linking to MyHalo and not somebody pretending to be us.

GDPR Compliance

MyHalo Life Ltd is Cyber Essentials accredited and ICO registered. Our UK based web servers are fully certified to supply securely managed services.

  • ISO 27001 & ISOQMR Registered – Information Security
  • ISO 17789:2014 – Cloud Computing Architecture
  • ISO 20000;9-2015 – Service Management Guidance for Cloud Services
  • ISO 27005-2018 – Information Security Risk Management
  • ISO 27017:2015 – Cloud Service Information security controls
  • ISO 27018-2019 – Protection of Personally Identifiable Information in Public Cloud
  • ISO 27032:2012 – Cybersecurity Techniques
  • ISO 27040:2015 – IT Security Storage
  • ISO 27701-2019 – Privacy Information Management

Contact Us

If you have any questions or concerns about security or require further information regarding your data, please feel free to email us on: [email protected]

Cyber Essentials Scheme