We’ve listened carefully to nearly 2 million users of our products that rely on us for security and compliance. The vast majority of them want to find a balance between information security and ease of use when it comes to the information they share outside of their business.
We take security and our obligation to you, our customers, very seriously. You can find out more about our security credentials on our security and availability page.
If you use GetBusy with someone external to your team, be they a client or vendor, that isn’t already a GetBusy user, they are sent an email notification containing a secure link to access and interact with the information you have sent them, without the need to create a GetBusy account.
These secure links:
can only be used once
are set to automatically expire within a short but practical period of time
are hashed and tokenised (obscured)
cannot be brute force engineered
only provide access to a single GetBusy thread
If someone attempts to use a link that has expired or already been used on a different browser or device, a new secure link will be generated for the appropriate person and emailed to them, assuring them of the secure reason for doing so.
Unlike information sent by email and similar means, which is usually sent and stored in an unencrypted manner, can be duplicated, and is accessible in perpetuity - information in GetBusy is only accessible to unregistered users in a secure point-in-time manner, and only for an individual interaction.
Anyone you work with that is already a GetBusy user, will simply be prompted to sign in to their account before they can access the information you have sent them.
To see what clients or those without a GetBusy account will see and experience if they receive something via GetBusy, watch this video below:
In the future, we will add additional options for secondary authentication for certain actions and activity within GetBusy - please register your votes in the Roadmap area of the app if this is something you are interested in.