We believe your data is yours and should be protected. As part of that commitment, we’ve added two new encryption capabilities that improve the security of your data when it travels across our network and the Internet. We’ve launched inter-data center encryption, which means we are encrypting the network links that connect our US data centers and are supporting STARTTLS for secure mail delivery to your Evernote account.
Inter-Data Center Encryption
We operate two data centers in the US and transmit data between them using a dedicated network link that isn’t connected to the Internet. Because we don’t own or operate that link, we decided to take extra steps to prevent unauthorized access to data – including note content – transmitted between data centers on this network connection. As a result, in April 2014 we enabled AES encryption for all traffic flowing between our US data centers.
Email encryption in transit (STARTTLS)
We give all Evernote users a way to create notes in their account by sending emails to a unique Evernote email address. Prior to enabling STARTTLS, emails you sent to our service were transmitted unencrypted across the Internet. With STARTTLS enabled, they are encrypted in transit if the sending service supports TLS. For example, all mail sent from gmail.com and yahoo.com accounts will now be encrypted. We also support TLS for outbound emails, which means that emails you receive from our service, such as password resets, are also encrypted in transit if your mail service provider supports TLS.
These new security capabilities complement our existing HTTPS and HTTP Strict Transport Security (HSTS) support to protect your data in transit from unwanted interception. We plan to continue improving our transport security posture to support our commitment to protecting your data.