Skip to Content

Security at SAFE


We're committed to high standards of security

We take strong measures to safeguard your data and our systems. 


I think someone is tracking me through my devices or my online accounts. What should I do?

First, get access to a different device, such as the phone of a trusted friend or a computer at a local library. Use that different device to create a new email account. Use that new account to email us at info@securityassist.org. This minimises the chance of the email being read by whoever is threatening you.

How do you secure SAFE devices? 

SAFE devices are protected by 'Endpoint Detection and Response' software, which includes anti-virus capabilities but goes far beyond what is available on consumer devices. 

The devices have numerous adjustments to their settings to enhance security, and have full-disc encryption, which makes it harder for attackers to access data if a device is lost or stolen. 

All devices have strong firewalls and run Virtual Private Networks that encrypt their internet connections. 

What security policies and procedures do you have?

All SAFE consultants are thoroughly vetted.

All personnel are well-versed in how to prevent attacks through techniques such as social engineering. 

Each SAFE consultant only has access to the information that she or he needs for specific projects, and not to any wider data. As soon as a consultant leaves the group, their access is cut. 

All usernames and passwords are stored only in an authorised password manager. 

How do you secure client data?

Client data is stored in a security-focused cloud storage service. This has 'end to end encryption', which means even the service provider itself cannot read the data. The service is protected with two factor authentication, which makes it much harder to hack, even if an attacker stole the password of one of SAFE's personnel. 

We further protect the data by encrypting it a second time using a separate encryption solution. This means that, even if our cloud storage was hacked, the attackers would not be able to read the data. 

How do you backup your data? How do you ensure it is deleted securely from old devices?

SAFE maintains regular offline backups of all data.

When devices are decommissioned, they are first reset to factory settings to delete the data, and then components that might retain some residual data, such as storage drives and RAM, are physically destroyed. 

I'm a security researcher and I believe I've found a vulnerability. Who should I contact? 

Please email info@securityassist.org with the subject heading 'Security vulnerability' and describe the issue in detail. We'll reply as soon as we can.