Security
This page details the technical controls protecting your account and content.
End-to-end protection where applicable
Legacy messages scheduled for delivery after death are encrypted with per-recipient keys before being stored. Decryption keys are released only when the documented release conditions are met.
Encryption
- In transit: TLS 1.2+ for all browser ↔ server traffic.
- At rest: database, file storage, and backups are encrypted at rest.
- Application layer: additional encryption for vault payloads.
Multi-factor authentication
MFA is supported via your identity provider and can be enforced for your account. We recommend enabling it for any account with real estate-planning data.
Audit logging
Privileged operations (legacy access, vault releases, AI usage, document exports) are written to append-only audit tables. End users cannot modify or delete audit entries.
Secure cloud storage
Files are stored in private, signed-URL-only buckets. URLs are short-lived and scoped to the requesting user.
Backups & disaster recovery
Automated daily backups with point-in-time recovery (minimum 7-day window) and tested restore procedures.
Network & application security
- Parameterized database queries (no raw SQL concatenation).
- Strict CSP-friendly rendering; no inline untrusted HTML.
- CSRF mitigation via same-origin authenticated POSTs with bearer tokens.
Questions about this document? Contact info@saberiq.net.
Saber IQ · Galveston, TX, USA
This page is maintained by Saber IQ as the operator of Will IQ. It is not a substitute for legal advice.