Security manifesto from mParticle’s CISO
We are committed to providing the most secure Customer Data Platform (CDP) on the market and prioritizing our customers' data privacy.
At mParticle, the security of our platform and our customers’ data is of paramount importance. We are committed to providing the most secure Customer Data Platform (CDP) on the market.
Having recently joined mParticle as the company’s first Chief Information Security Officer, I was delighted to find that security had been baked into the mParticle infrastructure, application, and company culture from the company’s formation.
After working at much larger organizations, it has been refreshing to join such a nimble and security-conscious company. Every individual at mParticle understands that they are part of the security ecosystem and that they hold a shared responsibility to protect our environment. The introduction of a dedicated security team reaffirms the company’s commitment to providing best-in-class security.
Being a cloud-native product, mParticle leverages the power and stability of Amazon’s AWS platform and takes advantage of the many advanced security features of the service, including strong authentication using multiple factors, clearly defined and enforced role-based access control, extensive logging, and industry-leading cryptographic services such as CloudHSM and KMS.
Our SDKs have been designed to offer advanced protection to customer data, using TLS and certificate pinning to encrypt data in transit. Once data is received by the mParticle API, it is encrypted at rest in the various stages of its journey through our AWS environment and again in transit when passed on to your chosen providers.
In addition to an array of technical measures to prevent unauthorized access to customer data, mParticle follows the principle of least privilege and strictly enforces role-based access control, ensuring that the bare minimum number of staff have access to any customer data. All staff and contractors are required to undertake comprehensive background checks and receive regular, targeted security awareness training before gaining access to company resources.
Our security team is on call 24/7 and collaborates closely with our operations team to maintain the availability, integrity, and confidentiality of our system at all times. To further check the security of our platform and our processes, we engage expert third-party consultants to perform a range of regular penetration testing services against our application, infrastructure, and staff. This process helps us identify and address issues efficiently to ensure we are operating securely on an ongoing basis.
To further ensure that we are following (or exceeding) industry best practices, we are in the process of aligning our security program with a number of third-party compliance certifications. We expect to gain both SOC2 and ISO27001 compliance certification during 2018.
Latest from mParticle
Unifying data to improve customer experience
Via unified and modeled data from across their seven disparate systems to decrease rider wait times and improve both rider and driver experiences.
How to augment your DMP with a CDP
Rather than CDP vs DMP, forward-thinking brands are creating dynamic martech stacks capable of collecting, transforming, and activating customer data by using a CDP to augment their DMP. Learn how you can leverage these technologies to help you turn your customer data into a growth asset.
Meet customer expectations for dynamic personalization
Manual batch processing of customer data, as is the norm for traditional customer engagement architecture, just doesn't cut it in the age of "now." Learn to create a martech stack for real-time personalization.
Get started with mParticle today
Connect with an mParticle expert to discuss how to integrate and orchestrate customer data the right way for your business.