Subscribe to our Email List
Our commitment to security has three aspects:
- Experience. We have been delivering on-line applications since 1998 for high-profile clients including Amazon.com,
Microsoft and Starbucks. In addition, our clientele includes firms in the banking, insurance, and legal industries. The
design and implementation of our security practices and guided by the experience and real-world requirements of our
- Control. Each user controls the scope of the information that Marketsync is allowed to access, and only the minimal set
of information required to process a communication is retained in our system. All data stored by Marketsync on behalf of a
client remains the property of that client.
- Protection. We implement and maintain proven, up-to-date security measures, including firewall protection, intrusion
detection systems, SSL encryption, and other security technologies. Our security infrastructure is regularly audited by an
independent 3rd party as part of AppExchange certification.
Additional technical details of our security infrastructure:
- User Authentication. Marketsync employs "single sign on" technology which leverages the Salesforce
user-authentication infrastructure. Users must log in and authenticate themselves with Salesforce prior to being granted
access to Marketsync; the Salesforce-generated security credentials are then used to validate access to the Marketsync
system. All Salesforce security constraints apply when users access Salesforce data via Marketsync.
- Encryption. All information exchanged with the Marketsync system – including the interactive user
interface and back-end communication with salesforce.com servers – is protected by 128-bit encryption, the same level of
security used by Salesforce itself.
- Firewall. The network perimeter is protected by firewalls and intrusion detection systems.
- Database Security. Database access is controlled at the operating system and database connection level
for additional security. Access to production databases is limited to a defined set of users and processes, and is further
restricted to a defined set of interfaces as a precaution against SQL Injection attacks; as a design practice, "constructed
SQL commands" are not used anywhere in the Marketsync system.
- Operating System Security. All operating system accounts are secured by strong passwords, and in
addition the protection afforded by our firewall, production servers are "hardened" against security threats. All operating
systems are maintained at the vendor's recommended patch levels for security.
- Physical Security. Our production data center is located in Kirkland, Washington. The facility is
protected by 24-hour remote-monitored security, and includes dedicated power and air conditioning equipment designed to
ensure that we meet our promised service levels.
- Disaster Recovery. All production data is stored on fault-tolerant RAID arrays. Each night, our
production databases are backed up, encrypted, and transmitted via a secure connection to an off-site storage location.
Disaster recovery plans are tested regularly.