Advice needed from the more experience developers and business users

I was wondering if someone would be able to help me as I know this is a technical area.
When I talk about my application to people, They always bring up security so I feel it is really important for me to have at least a half decent page on my website which will give readers the confidence that when using my application there data is safe.

I have permissions setup in my app and password policies in place in the bubble back end but because I am new to this kind of thing and I do not fully understand it as of yet, I have looked around on many websites and reworded other businesses security pages which are on the AWS platform. ( Not ideal but when you dont know, what else can you do? )

Below you can see what I have written so far, I was wondering if anyone can let me know anything I can safely include in my security page or any advice on how to build a page out like this when you’re a startup. ie can I include on my security page that Users data is always backed up etc? what are the key features which bubble perform from a security perspective that I can tell and give confidence to my potential customers?

I hope I make sense and really appreciate any help in advance.

My wording so far.

Security is always our number one priority. This is our responsibility to you, our customers, and we take it very very seriously.

We are hosted on Amazon Web Services which maintains a state-of-the-art security infrastructure. We encrypt all traffic to our servers over https. All user passwords are stored salted + encrypted in our databases; other user data is encrypted at rest (we’re on AWS RDS)

Your privacy is our priority
You control how your work is shared with others via your user settings in the administration control panel. And when you enter sensitive information, we encrypt the transmission of that data using industry-standard encryption.

Kind regards


Security is a very broad concept. When people raise their concern about security you need to understand what are they actually refering to.

Do you feel secure? At home? Health wise? Financially? Do you fear home burglars or being violently assaulted?

Same goes for websites. What is the real concern about security? Is it just a matter of trust in you or do they really want to know about security?

Your message is strong enough, but I would dig deeper into their fears. Are they worried about where you store their info or are they worried about you?

And how detailed you want to be? Would you want to also add as an example that Apple’s iCloud is hosted on AWS? Apple is a general public go-to company when refering to privacy and security. But people also tend to remember that a lot of famous people got iCloud “hacked” when they were probably using weak passwords.

Your message is a very good starting point. It will never be perfect. Just show it to your potential customers and ask them if it reassures them and iterate over it knowing that some people are just concerned of security because you are not a big player. It’s how this stupid world works :slight_smile:

Edit: also you can use analytics software like Full Story to gather numeric feedback about how many users that read your security page signed up, how many didn’t and the same for those who didn’t read it.