Secure by Design

The Outlook / Office 365 deployment application is a fairly simple application that connects to our servers via HTTPS (port 443) and downloads a zip file that contains the user’s signatures in various formats (HTML, TXT, RTF). The application extracts the zip file and copies the contents to the appropriate locations so the signatures are set in the user’s email client.

Our servers are secured using industry best practices. Access is limited to only Digitech Branding employees who need access for business purposes. Our services are hosted on Heroku and AWS and are protected with Cloudflare. Encryption is via Cloudflare “Modern TLS Only” forcing all HTTPS traffic to be served over TLS 1.2. Our primary data locations are AWS US East (N. Virginia) and AWS US East (Ohio) with AWS US West (N. California) used for some data backup. Additionally, we maintain an offline backup that can be started in emergency in AWS Europe (Ireland) - this is compute only (data still resides in the primary locations).

The application uses Office 365 OAuth to authenticate the users. No password is collected, transmitted, or stored by the application. The application stores a token after the user authorized the app that provides limited access to update the user’s signature settings. This token is stored only on the user’s local computer and is never transmitted to Dynasend servers. It is used only to communicate directly to Office 365 servers from the user’s local computer.

No Access to Your Email

Unlike many of our competitors, our process does not require that your email messages be routed through our servers for the signatures to be applied or “stamped”. Rather, as described above, we treat email signatures as Microsoft intended them, by using the email signature functionality that Microsoft has built into its email client programs.