Call Today: 425-814-3900 ext.126
Our commitment to security has three aspects:
- Experience. We have been delivering on-line applications since 1998 for high-profile clients including Amazon.com, Microsoft and Starbucks. In addition, our clientele includes firms in the banking, insurance, and legal industries. The design and implementation of our security practices and guided by the experience and real-world requirements of our clients.
- Control. Each user controls the scope of the information that Marketsync is allowed to access, and only the minimal set of information required to process a communication is retained in our system. All data stored by Marketsync on behalf of a client remains the property of that client.
- Protection. We implement and maintain proven, up-to-date security measures, including firewall protection, intrusion detection systems, SSL encryption, and other security technologies. Our security infrastructure is regularly audited by an independent 3rd party as part of AppExchange certification.
Additional technical details of our security infrastructure:
- User Authentication. Marketsync employs “single sign on” technology which leverages the Salesforce user-authentication infrastructure. Users must log in and authenticate themselves with Salesforce prior to being granted access to Marketsync; the Salesforce-generated security credentials are then used to validate access to the Marketsync system. All Salesforce security constraints apply when users access Salesforce data via Marketsync.
- Encryption. All information exchanged with the Marketsync system – including the interactive user interface and back-end communication with salesforce.com servers – is protected by 128-bit encryption, the same level of security used by Salesforce itself.
- Firewall. The network perimeter is protected by firewalls and intrusion detection systems.
- Database Security. Database access is controlled at the operating system and database connection level for additional security. Access to production databases is limited to a defined set of users and processes, and is further restricted to a defined set of interfaces as a precaution against SQL Injection attacks; as a design practice, "constructed SQL commands" are not used anywhere in the Marketsync system.
- Operating System Security. All operating system accounts are secured by strong passwords, and in addition the protection afforded by our firewall, production servers are “hardened” against security threats. All operating systems are maintained at the vendor’s recommended patch levels for security.
- Physical Security. Our production data center is located in Kirkland, Washington. The facility is protected by 24-hour remote-monitored security, and includes dedicated power and air conditioning equipment designed to ensure that we meet our promised service levels.
- Disaster Recovery. All production data is stored on fault-tolerant RAID arrays. Each night, our production databases are backed up, encrypted, and transmitted via a secure connection to an off-site storage location. Disaster recovery plans are tested regularly.