Built with security at our core
Security is critical at mParticle and has been baked into our technology and culture from the start. It is the goal of mParticle to not only comply with the law, but to be a diligent guardian of our customer, prospect and employee data. Where possible and in line with the needs of the business, mParticle will take additional steps to employ best practices not required by law.
- Secure, audited infrastructure and processes
Transport Layer Security (TLS) encrypts your data-in-transit while certificate pinning prevents your data from being intercepted by man-in-the-middle attacks.Various types of encryption options are used across our stack and AWS environment to protect data-at-rest and in-transit. To ensure the security of your data, we also regularly perform vulnerability scanning, patch management, and penetration testing.
- Secure development lifecycle
Security best practices are incorporated into every step of our development lifecycle. Security is built into checkpoints from initial developer design to code to build validation and deployment. mParticle works with both independent external security researchers as well as its own internal security team to regularly validate the security of its design and service implementation.
- Corporate security
Security awareness is an ongoing procedural and educational process throughout employment with mParticle. Our security team performs progressive social engineering tests and awareness campaigns to mitigate phishing attacks and build security into the culture of the company. We actively reduce the attack surface by limiting the number of personnel with access to production. Additionally, mParticle’s Chief Information Security Officer reports directly to the CEO to ensure top-down prioritization of security throughout the company and service.
- Breach response and recovery
Trust is earned. Beyond the security measures put in place across our organization and platform, we vow to uphold your trust by communicating critical information that could affect your data. In the event of a breach, we have both procedure and policy in place to minimize access to secure data. As a part of our breach response process, customers will be notified of any material incident and we will work to ensure business continuity and aid in disaster recovery.
At mParticle our dedicated Security Team provides 24/7 coverage and is tasked with defending our application, networks, and all data that passes through our systems from any and all threats.
Cheif Information Security Officer