We don't want to expose much about security because it can help the hackers that we're securing against. We’ve taken security very seriously from the beginning. Every line of computer code has been scrutinized. Here's a wee bit about security that we can share:
- Passwords are irreversibly hashed and salted. Passwords cannot be broken—they can only be reset. We deploy brute force protection, log password failures, and will suspend an account for irregular or suspicious login activity.
- Password resets trigger email notifications to the account holder.
- Customers are encouraged to use two-factor authentication (email or text).
- All login pages pass data via SSL/TLS. The entire Konvey application is encrypted with SSL.
- We use SSL/TLS-protected landing pages.
- All system generated hyperlinks are tamper-proof.
- Automatic image resizing is protected against resizing attacks.
- We deploy world class Mail Transfer Agent(s) (MTAs) in a highly secure data center. It is worth noting, roughly 70% of our industry uses the very same MTAs.
- We deloploy firewall-level intrusion prevention.
- We have DDOS mitigation in place.
- Databases are clustered and organized into instances.
- Account data is mirrored and backed-up regularly.
- Our integrations team can deploy optional database-level encryption.
- Our data center(s) are physically secure and deploy all the stuff that host centers brag about.
- We carry Errors & Omissions Liability coverage.
Konvey was built to be among the most secure email marketing platform in the industry. None of this means that we're impenetrable or hacker safe, but we work hard to ensure that your data and our application continue to be secure.