With Shells, all your files and information within your virtual desktop are private. Like most major online services, Shells personnel will, on very rare occasions, need to access users’ file content (1) when legally required to do so; (2) when necessary to ensure that our systems and features are working as designed (e.g., debugging performance issues, support related requests which have been approved by the user); or (3) to enforce our Platform’s Terms and Conditions of Use. Access to users’ Shells is limited to a very small number of people. We have strict procedures and policies in place as well as technical access controls that prohibit access to a Shell except in these rare circumstances. In addition, we have a number of physical and electronic security measures to further protect our users from unauthorized access.
At Shells, we take privacy very seriously and have implemented these additional controls and processes to ensure our users are protected:
- Two factor authentication is offered to all of our users and highly recommended for their accounts
- All communications with Shells on our Spice protocol is done through TLS encrypted links, be it through the web (wss) or the app (tls socket)
- Default configuration of machines is made to ensure high security by disabling SSH password authentication
- Build processes for Linux distributions on Shells are all open-source
- Shells does not store, process, or otherwise have access to credit card information. Any credit card information you provide will be processed by a trusted third-party PCI-DSS compliant processor, such as Stripe, Inc.