Privacy and security are paramount in all we do. We integrate data protection into the design and implementation of all of our products to insure that your data and your customer’s data is secure.
We stay up to date on all regulations and compliance matters so that you don’t have to worry about your brand being impersonated and are GDPR compliant and SSAE-16 SOC II Type 2 Certified. We are in the process of securing the next level of certification for ISO 27001.
We leverage Amazon Web Services to host our environment and use a third party to conduct internal and external penetration testing to validate our perimeter and internal defensive posture annually.
Email is a primary vector for phishing attacks and data breaches. That’s a risk your business can’t afford. Email can be difficult to scale, and building and maintaining it requires specialized operational skills. At SparkPost, security is everyone’s responsibility and part of our culture. We ensure that all of our employees are trained to identify security risks and are empowered to prevent them.
Add an extra layer of security to your email account with two-factor authentication to prohibit someone from compromising your account. Simply connect any standard 3rd party authenticator app such as Google Authenticator, Duo, or Authy.
Email authentication provides a way to verify that an email truly comes from who the sender claims to be. As a fundamental component of security and deliverability, SparkPost supports SPF, DKIM, and DMARC.
Cybercriminals develop new tactics daily that can result in severe data, customer reputation, or financial loss. At SparkPost we stay on top of cybersecurity to make sure bad actors don’t impersonate your account.
SparkPost’s incoming API calls use HTTPS and are SSL/TLS encrypted. If you choose to enable Encryption: STARTTLS, then TLS will be used with incoming SMTP. SparkPost also uses opportunistic TLS for outbound messages.