Hi Josh,Glad to hear you're liking Mockingbird =). Currently, as you know, Mo

1. Hi Josh,
2.  
3. Glad to hear you're liking Mockingbird =). Currently, as you know, Mockingbird project URLs are viewable by anyone (though as long as the URL doesn't fall into the wrong hands, the hash used for the URL is cryptographically secure), but we do have plans to implement stronger permissions for projects (so you can selectively give people read/write access). This is very near the top of our list, and will probably be implemented before we get out of beta.
4.  
5. As far as the security of the data on the server -- your account password is stored encrypted in the database, but the mockups are stored as plaintext JSON (currently on S3, though I'm going to soon have them cached on the server as well). The database running on the server cannot be accessed remotely (unless tunneled through SSH, but even then, you will need ident authentication) and S3 can only be accessed using the access key/secret key provided by Amazon. So the security of the data on the server really comes down to the possibility of the server itself being compromised (or Amazon S3 being compromised). If you would like, I could discuss with you (though I rather not over E-mail) the steps I've taken to secure the server, but basically I've followed the general practices people use to lock down production web servers.
6.  
7. I don't plan to implement encryption on project data anytime soon, but we have discussed allowing companies with high security requirements to have their own Mockingbird servers so they can store their data locally.