Facing a slack interaction with data security related concerns in the United States, many consumers question if CyberGhost operated US servers are safe from tampering by intelligence agencies. For this purpose, a glimpse into our overall server policy (that applies to ALL COUNTRIES) should answer:
- Due to various security measures any direct access to our servers is impossible, even for the data center, which houses the server. Only possible approach: a direct manipulation of the hardware between two check points in time. This latter threat is countered by our #NoSpyProxies, a data center located in Romania and under direct 24/7 control by Cyber Ghost.
- There are reliable findings about which limited group of persons may enter a data center.
- Existing access control systems to verify the person admitted.
- The data center has ISO certification for operations as well as support contacts and emergency services.
- There is access to router and AS systems.
- AS configurations and corresponding safeguards are available.
- Irregular routing and encapsulation controls of single servers are possible.
- Due to no transferring of account data a server doesn't know which user is on board (if you use the CyberGhost client for Windows, Mac, or Android).
- Inbound and outbound traffic to the CyberGhost network is fully encrypted. If visiting HTTPS pages, there's end-to-end encryption.
- There is neither a scan nor the recording of user data, usage data, connection times, or the like. Only the number of users on a server and its total bandwidth is known (of course not broken down by user, IP or connection)
If a data center is being monitored at distribution points such as the DE-CIX or other appropriate peering points, without the data from the server one can even after a source-destination filtering only see the encrypted incoming/outgoing traffic and the incoming/outgoing traffic on the other side (towards the Internet, for example websites, services, games - this also optionally unencrypted if no SSL connections are used). The outgoing data packets will be anonymized by our NAT (IP header information) by replacing the IP, the time stamp, the MAC address, and the source port, so that they can no longer be correlated to an incoming data stream.
The user connection to the server is secured by Perfect Forward Secrecy, the key change takes place every 60 minutes. A virus scanner and a rootkit hunter are mandatory and updates for our servers are always be installed as soon as available. The administrative access to the server is allowed only on a specific IP range and also requires its own RSA key with 4096 bit key length or a two-way authentication.