Security, privacy, & resiliency

**Tags**: #MemberData #Transparency #OPSEC > [!info] > This information is shared as part of Decombine's commitment to [[Open Core]] practices. # Principles Decombine is transparent about how we protect you and your data. See below for some of our specific principles, practices, and commitments to you. ## Security Decombine is engineered and committed at the core of our foundation to be paranoid about security. **We prevent your Decombine traffic from being intercepted by third-parties and malicious actors.** Every time you access our services, we route those requests to regional private networks that cannot be accessed directly through the Internet. We avoid the risk of ever leaking or exposing your traffic to third-parties or malicious actors so that they can't eavesdrop. We also use private network links with our cloud service providers to securely route traffic directly to their services from Decombine without needing to use the Internet. You can read more about this at [[Network Security]]. **We prevent any unauthorized parties from accessing your Decombine data.** Your data is end-to-end encrypted at all times. Read more about this at [[End-to-End Encryption (E2EE)]]. **We exclusively use Multi-Factor Authentication such as biometrics, hardware tokens, and authenticators.** We provide Multi-Factor Authentication (MFA) for Decombine services to Decombine Members free of charge. All Decombine employees and contractors are required to use biometric identification, hardware tokens, and authenticators. ## Privacy Decombine goes the extra mile when it comes to transparency about how we protect your privacy. **Decombine minimizes the number of vendors we work with**. We've made a commitment to keeping our footprint of vendors as small as possible to limit risk on your behalf. We only work with companies that are as paranoid as we are. *Decombine has 10 vendors in total*. Do other services tell you exactly who they work with and why? You can read about all our vendors at [[Vendor List]]. **Decombine does NOT sell your information to anyone.** We hate the idea of any company using your data as their personal piggy bank. You can read about our business model at [[Frequently Asked Questions]]. **Decombine transparently informs you of ALL the services which your data is hosted, processed, or transits.** You can read about exactly who has access to what at [[Vendor Data Architecture Transparency]]. ## Resiliency Decombine is designed to be resilient. We know outages and service failures will happen, and we're dedicated to ensuring your data is never at risk. **Decombine replicates your contract data across 3 regional databases.** We isolate your data to the region you select and then we replicate your data across three database instances to make sure we always have your data available to be accessed. **Decombine automatically replicates your contract files across multiple datacenters** If you generate contract files, we replicate each across multiple datacenters in your selected region to ensure availability and loss resiliency. Each contract file has a minimum of 3 copies across three different zones in a region. Furthermore, we replicate an additional backup to a secondary region in the same geographic area to ensure availability in the event of regional disasters for 99.99999999999999% (16 9's) availability over a year. ![Geo-Zone Redundant Storage (GZRS) Schema Image describing storage replicating to primary and secondary regions](https://learn.microsoft.com/en-us/azure/storage/common/media/storage-redundancy/geo-zone-redundant-storage.png) **Decombine services are stateless for maximum recovery speed.** We design our services to be primarily stateless so that we can quickly build, update, and publish changes to services. Our services are also designed to automatically recover and failover in the event of outages.