Security Overview

Security in depth, not just on the perimeter.

WordsLater is engineered as a system of overlapping safeguards. If any one layer is bypassed, others stand behind it. Here's how we protect the messages you've entrusted to us - from the data center to your keyboard.

Infrastructure

Hardened, audited data centers

Hosting is provided by SOC 2 Type II and ISO 27001 certified cloud providers in the United States. Physical access is biometric-controlled and logged 24/7.

Geo-redundant storage

Encrypted backups are replicated to a separate geographic region every day, so a regional outage or disaster can never lose your scheduled messages.

Segmented network

Application servers, databases, and storage live in isolated network segments. The database is never directly reachable from the public internet.

Edge protection

A managed Web Application Firewall (WAF) and DDoS mitigation sit in front of every request, blocking common attacks before they reach application code.

Application Security

Parameterized queries

Every database interaction uses parameterized statements. SQL injection is structurally prevented, not just filtered.

Output encoding by default

User-supplied content is HTML-encoded everywhere it's rendered. Cross-site scripting is shut down at the template layer.

Bcrypt password storage

Passwords are hashed with bcrypt and a per-user salt. Even a full database breach would not expose your password.

Two-factor authentication

2FA via authenticator app or SMS is available to every account and strongly recommended for posthumous and vault users.

CSRF + same-origin guards

All state-changing requests require a CSRF token, and authentication cookies use SameSite, Secure, and HttpOnly flags.

Dependency scanning

Third-party libraries are continuously scanned for known vulnerabilities, and critical patches are deployed within 24 hours of disclosure.

Monitoring & Response

24/7 monitoring

Application, database, and infrastructure metrics are monitored around the clock with automated alerting on anomalies.

Append-only audit logs

Sensitive actions - logins, key access, message reads, configuration changes - are written to append-only logs retained for a minimum of one year.

Breach notification

If we ever detect unauthorized access to your account data, you'll be notified within 72 hours, along with the steps we're taking.

Tested disaster recovery

Our backup restoration and failover procedures are tested at least quarterly with documented recovery time and point objectives.

The People Behind the System

Least-privilege access

Staff are granted only the access they need for their role. Production database access requires multi-party approval and is fully audited.

Background checks & NDAs

Every employee and contractor with access to production systems passes a background check and signs strict confidentiality agreements.

Annual security training

Every team member completes annual security and privacy training, including phishing simulations and incident-response drills.

Secure workstations

Employee devices are encrypted, centrally managed, and require hardware-backed multi-factor authentication for production access.

Message Lifecycle

A walk through what happens to a single scheduled message, from the moment you type the first word until the moment it's delivered.

Composition

You write the message in your browser over TLS 1.3. Drafts are auto-saved and encrypted before leaving your device.

Storage

On arrival, the message is encrypted with AES-256 using a key managed in a hardware-backed key vault. Only the application service can request a decryption.

Holding period

Your message waits in encrypted storage. It is never opened by staff, never indexed by third parties, and never used for training AI.

Pre-delivery checks

Shortly before the scheduled date we run a series of automated checks - account status, recipient validity, posthumous verification if applicable - and notify you if anything looks wrong.

Delivery

At the scheduled time, the message is decrypted just long enough to transmit it to the recipient over an authenticated channel (SPF/DKIM/DMARC for email, SMS through tier-1 carriers, or print and mail through our vetted print partner).

Post-delivery retention

A copy is retained in your account so you (or your loved ones) can revisit what was sent. You can delete it at any time. See our Data Retention & Custody policy for full details.

Responsible disclosure

If you believe you've found a security vulnerability in WordsLater, we'd like to hear about it. Please email admin@dataprocessingllc.com with details. We commit to acknowledging your report within two business days, keeping you informed during our investigation, and crediting researchers who responsibly disclose issues.