Security

We provide several security capabilities and services to increase privacy and control network access. These include:

Transport Layer Security (TLS) is a cryptographic protocol which provides secure communication over networks, for example, communications between their servers and web browsers. We are using TLS 1.2. TLS 1.2 was defined in RFC 5246 in August of 2008 and is the successor of Secure Sockets Layer (SSL). Based on TLS 1.1, TLS 1.2 contains improved flexibility.

ECDHE (Elliptic Curve Diffie-Hellman Key Exchange) is an anonymous key agreement protocol that allows two parties, each having an elliptic curve public-private key pair, to establish a shared secret over an insecure channel. It is a variant of the Diffie-Hellman protocol using elliptic curve cryptography. This exchange is signed with RSA. We are using ECDHE-RSA with P-256.

AES (Advanced Encryption Standard) is a symmetric encryption algorithm. AES was designed to be efficient in both hardware and software, and supports a block length of 128 bits and key lengths of 128, 192, and 256 bits. We are using AES 128 GCM. We will soon be switching to AES 256.

Our Cloud Provider is complaint with the following:

ISO 27001: Information Security Management

ISO 27017 & ISO 27018: Information Technology Security Techniques

ISO 9001: Quality Management

We recommend TunnelBearTunnelBear VPN provides you with a secure and private connection to a less restricted Internet. It keeps your IP address private from websites, hackers, and advertisers. It shields your personal information from prying third-parties and hackers on public WiFi, ISPs and other local networks.