Debitoor's no-nonsense
guide to security

Everything you need to know to stay safe online

Data protection

Debitoor encrypts your confidential data using industry-leading methods and recognized security standards (256-bit SSL certificates), so all the data transmitted between your computer and our servers, or individual services on our servers, always remains encrypted.

We run a mirrored database setup which means that your data is always stored in two separate locations. Additionally, we run scheduled off-site backups of your data around the clock.

As a result, no single machine failure can take your data down, and all your data remains continuously backed up and recoverable.

Please note that the Debitoor cloud infrastructure is run on servers located in Ireland and therefore subject to strict privacy regulations outlined in the European Commission Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data.


Servers and Networks

We're building Debitoor on one of the most secure net infrastructures out there.

Allan Ebdrup
CTO

The Debitoor server infrastructure is built on secure cloud solutions provided by Amazon Web Services (AWS) and located in Dublin, Ireland.

The Debitoor development employs round-the-clock monitoring, extensive logging services and a staged software roll-out process to ensure that the Debitoor service runs smoothly.

We have emergency procedures in place to deal with service outages and any external attacks.


Application security and Password

Anybody can build a set of features, but it takes focus and dedication to make sure they are always accessible and are free of bugs.

Alessandro Leoni
CEO

Debitoor never stores plain text passwords in its databases, but instead uses a slow hash function with salts to ensure that your password is securely encrypted and remain sufficiently difficult to hack even in the face of hardware improvements.

Recognizing that even the most sophisticated cryptographic software cannot redress vulnerabilities associated with weak, generic passwords, we encourage you to choose a strong password consisting of both letters and numbers, complying with the minimum viable security guidelines when you sign up for Debitoor or change your password.

Also, we recommend that you change your password on a regular basis.

Note that to make it easy for you to access Debitoor, we use an auto-sign-in feature. This means that if you don’t sign out from the action menu in Debitoor, your browser will automatically log you in the next time you hit the Log in’ button on the website.

The auto sign-in times out after two weeks of inactivity. So if you use Debitoor at least once every 2 weeks, you should never have to enter your password.

Useful safety tips

Choose your passwords wisely

Always use long passwords (10+ characters) which contain both letters and numbers. This makes it more difficult for someone else to guess or crack your password. Also, try to refrain from reusing the same password across all the online services you use. Should you forget your password, you can always reset it following the link in the sign-in window.

Check your email address

Make sure the email address you choose for your account is up-to-date and typed in correctly. You should also double-check your phone number in your company details. Keeping this information up-to-date means that we can reach you easily, if we need to deliver some important information to you.

Secure your mobile

While mobile internet opens a world of possibilities for you when you're on the go, make sure to protect the access to your personal information on the phone. Always use a password or a pin-code to lock your phone. Check the source of all files and apps before downloading them make sure they’re safe.