Security at Sabal

We treat your family's financial information with the same care and respect we give our own. We use Sabal too! Read on to learn more about how we secure your data and respect your privacy.

Data Encryption

At Rest

We use the 256-bit Advanced Encryption Standard (AES-256) to protect your data when it's stored in our systems. This is the same standard used by financial institutions and recommended by government security experts.

In Transit

When you access your information online, we use the latest secure connection protocols (TLS 1.2+) to encrypt data as it travels between your device and our servers. This ensures your data remains protected, even over public Wi-Fi.

In a Vault

Items in your workspace's vault are stored using a technique called "envelope encryption." Each item is encrypted with a unique data key, created using AES-256-GCM with a HMAC-based extract-and-expand key derivation function, signing, and key commitment. This data key is never stored and can only be retrieved using a root key in the context of your workspace. This provides an additional layer of security and privacy on top of our encryption at rest.

Data Access

Multi-factor Authentication

Accessing your workspace requires two separate steps, like verifying codes sent to your email and phone. This keeps your account secure even if someone gets into your email or has your phone.

Passkey Support

Passkeys are modern alternatives to passwords that are both more secure and easier to use. They cannot be guessed, cannot be forgotten, and protect against phishing attempts.

Workspace Permissions

You decide what each person can can see and do in your family’s workspace. Easily update these permissions anytime within the app.

View-Only Connections

When connecting to your institutions, we never store your sign-in information. We receive limited, view-only access to the accounts you choose through our connection partners. Neither Sabal nor our partners can move money or see full account numbers.

Privacy Practices

You're in Control

View, correct, or delete your information at any time through the app. If you decide to close your account, we'll completely remove your data from our systems and partners.

No Data Sales, Ever

We make money by providing a service to you, not by selling your information. Sabal is 100% ad-free and we will never sell your data.

Information Isolation

We store your personal details (like name and contact info) separately from your financial data. This adds an extra layer of security and ensures that even within our company, access to your information is strictly limited.

Security Practices

Trusted Team

We carefully screen our staff and provide ongoing security training. We also run a Vulnerability Disclosure Program to engage with the wider security community.

Top-Tier Technology

We use Amazon Web Services (AWS), a leader in cloud computing, to host our systems. This ensures we can reliably offer our services and provide robust protection of your family's information.

Constant Monitoring

We run daily automated scans to quickly find and flag potential vulnerabilities. We regularly test our infrastructure against industry-standard security benchmarks to ensure we're following best practices.