My husband and I were at a dinner party last weekend where a lively discussion broke out about security and privacy issues related to the use of Facebook and Instagram. It was no surprise that we all had lots to say about the matter since we’re all active users and especially since the dinner party was being instantly recorded in the memory books thanks to both services.

Of course, as expected the conversation rapidly shifted to Arkkeo since the majority of friends sitting around the table were also new Arkkeo account holders. Their questions – How secure is Arkkeo really? How much does Arkkeo know about me and will they share my data? Can Arkkeo customer service see what I do in my account like a bank’s customer service representative can see what happens in my bank account? Would you put highly sensitive information into Arkkeo?  

All good questions indeed and since they are most likely the same questions that you have, I thought I’d post the answers here. While it may not lead to as lively a discussion as the one we had over dinner, I do hope it demonstrates the importance that Arkkeo puts on both security and privacy.

How secure is Arkkeo really?

Arkkeo’s building partnerships with healthcare providers and leading financial institutions that have extremely high standards and regulations for the security and privacy of their customers’ data. In order to operate with partners like this Arkkeo needed to build its security and privacy at the same level from the very start. This included processes for encryption, auditing, logging, backups, and safe-guarding data. All Arkkeo servers are protected by firewalls that use advanced techniques for detecting and filtering possible intruder attacks. And, Arkkeo has been audited by a third party security auditor and has achieved the highest possible rating.

Arkkeo has also implemented several additional security processes to protect its account holders.

  1. Security question and answer required. Many services out there only require that you provide an email address and password at registration. Arkkeo, however, also requires that you provide a security question and answer. Why is this important? It means that no one can get access to your Arkkeo password even if they have your email address and have managed to get access to your email account. It would require that they also know both your security question and answer.
  2. All account holders have the option to enable an extra security level called ‘two-step log in’. By enabling this feature, each time you try to log in to your account you will receive a text message to your mobile phone with an extra security code to be entered before you can log in. This provides extra protection should anyone ever get access to your email/password combination. If you are archiving sensitive information in Arkkeo then we recommend that you enable this feature. Simply log in to your account, go to your Profile and you can enable this in the Security section of your Profile.
  3. The third is a procedure that we call SafeConnect which was specifically developed to ensure that when documents are shared between two parties, for example a healthcare provider and a patient, that both parties are verified as being who they say they are and a secure and virtual handshake takes place before any document sharing can happen. SafeConnection procedures are implemented when a partner company shares personal data and also when documents are shared between two Arkkeo account holders.
  4. No downloadable desktop application or public links within the service. You probably use services that let you download their application directly to your desktop or mobile devices. The tech term for this is a ‘native app’. While there’s a certain level of convenience to having the app right there in front of you, these native apps can also put you at risk if there’s anything being stored there that you don’t want accessible to others. As an example, I’m using a service right now and have the native app on my desktop, iPad and my mobile. Although I thought that I signed out of the service, I can still access all my information from my mobile phone and my iPad which means that if someone gets access to my other devices then they have access to my account. This is something that Arkkeo wanted to avoid so instead of having ‘native apps’ it has one point of log in which is via its website arkkeo.com.

With regard to having public links and public folders inside the service, Arkkeo felt that this would put its account holders at risk so it chose not to have this kind of feature. At the moment, Arkkeo is not aware of any other personal cloud services that implement this same combination of security procedures.

How much does Arkkeo know about me and will they share my data?

When you register for Arkkeo you provide your name and email address, your location and your security question as part of the registration process and Arkkeo can see that information. Your password and security answer, however, are encrypted and completely confidential.

In terms of data collection and your privacy, it’s Arkkeo’s strict policy never to gather any information about its account holders and Arkkeo will never share any information about you with anyone. Period.

Can Arkkeo customer service see what I do in my Arkkeo account like the bank’s customer service representative can see what happens in my bank account?

Arkkeo has developed its service to ensure complete confidentiality and privacy over what you put into your account. Only you have the authority to permit someone to view documents in your account via Sharing & SafeConnect procedures. So, perhaps you can say Arkkeo’s more like the ‘Safe Deposit Box’ within your bank versus your standard bank account since only you know what actually goes into it.

Would you put highly sensitive information into Arkkeo?

I’ve been saved several times by the fact that I’ve chosen to put copies of certain personal identity documentation into my Arkkeo account. Just recently my daughter and I traveled to the US but we almost had to cancel our plans, lose quite a bit of money, and miss a long overdue trip to family due to a passport mix up. My daughter’s a dual citizen and has a passport for each country. As I’m a US citizen she needs to travel with me using her US passport but since we had not traveled to the US in a while, I did not realize that her US passport had just expired. Thankfully I had put the copies of all our essential documents into my Arkkeo account so at 5pm the day before our trip I was able to contact the US consulate from my office and complete all the detailed information on the passport application (which for a dual citizen is quite heavy), and then submit it in enough time so it could be processed by the next morning. Had I not had this information in Arkkeo this never would have been possible, we would have missed our trip, and many would have been heartbroken including a little girl desperately missing her grandparents.

So the point of my story is that I guess we all need to decide what we’re comfortable with. Having my really important documents close at hand has surely saved me a huge amount of hassle, time and heartache on more than one occasion.