Security Policy

As we're in the business of teaching people about cyber security, you might be thinking: how does the Hacksy team keep themselves secure?

This document will help to answer that question.

HAVE YOU EVER BEEN HACKED?

Not yet, but we know that most systems will get hacked at some point. We minimise the risk of getting hacked and reduce the impact of a successful hack by storing the absolute smallest amount of information possible.

We also regularly run penetration tests, both internally and externally, to make sure we're minimising the risk of unpatched vulnerabilities.

WHAT ABOUT ALL THE PEOPLE THAT WORK ON HACKSY?

We have each individually checked known leaked databases and the Dark Web for our details. Most of us have at some point had our information leaked online — that's just the world we live in. To counter the increased threat that poses, we all use two-factor authentication and password managers, have unique and strong passwords, and sign up for alerts so we know if any additional information is leaked.

We've all been through cyber security training, and we compartmentalise our customer information so that even if we're hacked we have access to as little information as possible.

We also regularly try to hack and socially engineer each other, and run simulated phishing attacks against the Hacksy team... We love each other really.

HOW ARE YOU STORING DATA?

Data is never transferred or stored 'in the clear'. It's always encrypted.

We encrypt your data using industry-standard AES-256.

WHAT KINDS OF INFORMATION DO YOU STORE?

Not a lot. We figure that the best defence against malicious hacks is to not hold on to anything they want.

We capture email addresses, because we need some way to contact and identify who's in Hacksy.

We don't store any passwords, ever.

Further details of exactly what data we store and how we use it can be found in our privacy policy.

HOW DO YOU MAKE SURE YOU'RE SECURE?

We run regular internal penetration tests to identify our own vulnerabilities. Sometimes you're just too close to your own work though, so we also schedule testing from external penetration testing companies to catch vulnerabilities that we can't see. These penetration testers are White Hat hackers who attempt to break into our systems, and help us fix any issues that they find.

We also run a small bug bounty through hackerone.com, a marketplace for White Hat hackers to try and hack companies.

If you think you have found a bug in Hacksy, let us know at [email protected] and we'll send you something nice.

HOW DO YOU MAKE SURE YOUR SUPPLIERS ARE SECURE?

We only work with companies that can prove their own security credentials and take security as seriously as we do.

We look for companies who take security seriously, find and report their own vulnerabilities, and fix issues promptly.

ARE YOU EVIL?

No 😊
