The security of our users’ data is of paramount importance to all of us at Crew. We know you expect your private messages to be private, and we focus a huge amount of our engineering resources on ensuring that they are. But you don’t have to just take our word for it—here’s exactly how we do it.
- All communications between employees’ devices and the Crew servers are encrypted in transit using TLS, so they can’t be read or modified in transit.
- All user data—including messages, photos, videos, etc.—that lives on Crew servers is also encrypted at rest, and the encryption keys used are stored separately, on dedicated encryption servers.
- All employee credentials stored on devices are encrypted using keychain, or similar, software, which protects those credentials from retrieval by a third party.
- Organizational data stored on individual employee devices can be remotely wiped at any time by an admin by simply removing that individual from the Organization.
When matched with an organizational policy that enforces employees’ use of passwords on their phones, users can rest assured that they are as protected as possible from unauthorized access to company data.