NuevaSync Smartphone Cloud Services
Status checked at 16:35 UTC
Service is operating normally
Already a user?

Privacy and Security for Push Email

Here at NuevaSync we have always had a strong commitment to maintain our user's privacy and to secure their data. That commitment is detailed in the NuevaSync Privacy Policy. Here are some of the ways we ensure security for push email:

  • Network communications between device and our servers is always secured with SSL/TLS. No unencrypted connections are allowed.
  • Network communications between our servers and email server via IMAP and SMTP is always encrypted. Unencrypted access is not supported.
  • Outgoing email messages have a header added to verify that the message was received from the device over a secure connection, allowing the recipient to verify end-to-end security.
  • Email content is not stored on our servers : body, subject, recipients, sender, are never stored. Only time stamps, folder names and message ids are stored.
  • Credential data is encrypted when stored and "at reset" in memory.
  • We own our own servers which are hosted in secure facilities that have been audited for SAS-70 Type II and PCI compliance, biometric/dual-factor entry control and 7x24 staffed.
  • Source code is regularly checked with static analysis tools for security vulnerabilities.
  • Service is provided for the benefit of our subscribers, without advertising, and in compliance with a privacy policy that respects their privacy.
  • Our server IP subnets are available on request, allowing mail server admins to lock down access to only our servers.
  • When practical, we implement support for any security-enhancing features present in the systems with which our service interoperates. For example: device remote wipe, OAuth for IMAP and SMTP, anti-cracking measures.

Have a question about security? The NuevaSync Security Response Team is always ready to help.