Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319


HMA no log policy gets stamp of approval from auditor

Image Description

Following an independent audit from the cyber-risk consulting firm VerSprite, the VPN service HMA has been awarded a low risk user privacy impact rating for its no-logging policy.

The assessment, which categorizes risk level on a scale of low to critical, included analysis of data, traffic and storage on both the client and server-side of the company's service as well as the disconnection of user identities with data containing information about online user activity.

HMA first introduced its no-logging policy earlier this year and its successful third-party audit from VerSprite forms part of a broader initiative by the company to become a privacy champion for users worldwide.

Commercial director at HMA, Andrei Mochola explained why the company decided to carry out an independent audit of its service and infrastructure in a press release, saying:

“The VPN industry has struggled with a trust issue for a long time. The ownership of some VPN companies is ambiguous at best or concealed at worst, and many people are unaware that they’re handing over their data to organisations which offer little to no visibility on what they do with it. Our ambition is to set a new standard in privacy protection for consumers by being painstakingly transparent across all touch points in our privacy policy, our products and our communications.”

Independent audit

VerSprite's technical private independent audit covered HMA's clients for Android, iOS, Mac and Windows and started from the installation process all the way through the entire data flow of the in-scope endpoint applications.

The firm applied a privacy-focused threat model to encompass manual assessment techniques aimed at identifying where privacy violation risks may be present within the VPN service's clients. The objective of the independent audit was to identify, report and provide recommendations for any technical gaps related to HMA's no-logging policy. This isn't the first time that HMA has worked with VerSprite as the firm also conducted security penetration testing on its VPN service.

CEO of VerSprite Tony UcedaVélez provided further insight on how its security team searched for privacy violations in HMA's VPN clients, saying:

“For years, VerSprite's Research & Offensive Security teams have found numerous zero day vulnerabilities and risks in VPN software. HMA relied on our offensive security team’s talents to focus more on privacy violations that could be present via the VPN client software. We worked to help validate the assurances made from the no-logging policy and helped them understand the nature of the risks identified so that they could improve the product’s overall privacy level.”

  • We've also highlighted the best VPN services


05 Aug 2020



Other Blog

  • Backblaze teams up with Fastly CDN to slash egress fees but there's a catch

    If Fastly users migrate at least 50TB of data and store it with Backblaze for at least 12 months, they won't have to pay any cloud egress fees.

    Read More
  • Laptop deals: HP's Black Friday flash sale has great value machines, plus a $200 off HP Spectre

    Hurry if you want to bag a great Black Friday laptop deal at HP - it's only available until Tuesday night.

    Read More
  • Three vital security measures to protect your corporate network

    Corporate networks are under attack. Here's how to protect yours from marauding cyber-criminals.

    Read More
  • NortonLifeLock, Avast confirm multi-billion merger to form new antivirus giant

    The two companies want to provide a "more comprehensive portfolio".

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us