DreamStart Labs, Inc. is committed to protecting the security of our users and being a proactive advocate for consumer protection. For more details about our approach to data privacy, see the  “DreamStart Labs Data Privacy Policy”.

Our  DreamSave solution for savings groups features a  “secure-by-design” architecture that incorporates best-in-class security technology and processes into every aspect of the product infrastructure. This strategy is based on five  key security principles : 

1. Protect Every Layer  – Every layer of the DreamSave system (apps, users, networks,   compute engines, storage systems, servers) will include separate layers of best-in-class security protection so there are no weak links in the chain.
   
2. Verify Every Interaction  – No user or service will be allowed to access any portion of   the DreamSave system without being fully validated and authenticated first. This is essential to the design of any modern mobile solution that involves interactions between human users (members, groups, administrators, support, developers) and automated computer processes (apps, networks, storage, etc.).
   
3. Use Proven Open Systems  – The underlying infrastructure of DreamSave will be   based on proven components that are open, transparent, and widely available for extensive public scrutiny wherever possible. This approach, which makes extensive use of open source software, helps ensure that security vulnerabilities in the underlying infrastructure are discovered and fixed quickly by security experts worldwide. Apps that rely on closed, proprietary infrastructure are far more vulnerable to compromise.
   
4. Assign Minimum Privileges  – Any user or process in the DreamSave system will have   the minimum privileges required to perform its authorized responsibilities, and no more. This design principle provides separation of duties and helps ensure that no user, administrator, or automated service has the rights to access unauthorized data or perform unauthorized tasks.
   
5. Record Everything  – Every activity performed anywhere in the DreamSave system,   either by a human user or automated service, will be fully logged and recorded. This helps ensure no compromise can occur without being detected and leaves a detailed audit trail for security and compliance purposes.
   

Security Implementation

The DreamSave system reflects these key principles in multiple ways, including the following:

• End-to-End Encryption : User data transmitted over the network during backup,   synchronization, and data collection, is encrypted using bank-grade AES 128-bit encryption technology (for perspective, this encryption method would take the world’s fastest supercomputer an estimated 885 quadrillion years to break ¹ ).
  

• Authentication : All data sources are verified to ensure that only valid transmissions   between the DreamSave app and the DreamSave cloud are authorized.
  

• Data Integrity : The data itself is verified on both ends to ensure that it has not been   tampered with or altered in any way while in transit.
  

• Attack Prevention : The network infrastructure includes multiple layers of protection to   defend against denial-of-service, spoofing, man-in-the-middle, and other similar attacks.
  

• Infrastructure Security : DreamSave is built on the Google Cloud Platform, proven at   scale in the world’s most rigorously tested environments. Data transmissions must pass through multiple layers of firewalls, virtual machine container security, and certificate-based service authentication. Identities, users, and services are strongly authenticated with multiple factors. Access to sensitive data is protected by advanced tools like phishing-resistant keys and application layer transport security.
  

• Data Loss Prevention : DreamSave user data is stored in a secure web-scale database   built on the open source Casandra platform (the same secure database architecture trusted by organizations like Intuit, CERN, IBM, Apple, Netflix, and eBay ² ). Data is replicated across three redundant clusters in separate security zones to provide robust fault tolerance, failover, and disaster recovery protection.
  

• Security Audits : The DreamSave cloud infrastructure is audited regularly to validate   firewall ports, user accounts, and permissions. All activities leave an unalterable audit trail in detailed security logs to ensure full transparency.
  

Contact Information

For additional questions about DreamSave security, contact us at:  info@dreamstartlabs.com.

DreamStart Labs, Inc., 2907 Shelter Island Dr., Suite 105 San Diego, CA 92106, USA .

Copyright © 2020 DreamSave Security Overview - All Rights Reserved.

_______________________

2 Apache Software Foundation, Customers, March 2020