Articles in this section

Lead Gen & CRM Data Protection: Protecting Your Data

Avatar
Alex Flinchum
  • Updated
Follow

Constant Contact considers data security of the utmost importance and takes many steps to maintain data integrity.

This article will detail how Constant Contact protects data.

Article Contents

Available With:
Trial  
Essential  
Advanced  
Ultimate  
Toolbar:
n-aN/A
Users:
Administrators  
Company Managers    
Marketing Managers    
Sales Managers    
Salespersons    
Jr. Salespersons    

Audits

Constant Contact routinely audits the application, infrastructure, and security in effort to maintain a safe and secure service. The audits involved are as follows:

Audit Type   Description
Application Audits







Constant Contact goes through a quarterly PCI audit
administered by TrustWave. These audits evaluate
Constant Contact's application footprint and extranet tools for
industry-published vulnerabilities and attack vectors.
Infrastructure
Audits







Constant Contact infrastructure and development deployments—
including source code changes—are peer-reviewed,
QA-tested, and audited before every testing and production
release. These steps are taken for consistency, to protect
against potential known vulnerabilities or threats, and to
ensure product stability using a series of automated and
manual tests. 
External Audits







As both a Salesforce and Google partner, Constant Contact
continually undergoes mandatory rigorous third-party
security auditing and review to maintain necessary partner
compliance.
Security Audits







Constant Contact performs routine security audits on all servers and applies security updates as they are made available.
The Constant Contact Vulnerability Assessment team performs internal audits using a combination of both open-source and proprietary industry standard tools—such as OpenVas and Nessus—to assess the Constant Contact platform.

 


Data

Constant Contact makes a point to practice safety in the digital sphere. This safety starts and ends with data security. The ways that Constant Contact practice data safety include:

Data Type   Description
Data in Transit







All sensitive data shared between the application, extranet,
tracking endpoints, and servers is transferred using
Transport Layer Security (TLS) with up-to date-ciphers 
utilizing (at a minimum) 256-bit RSA encryption keys.
Data at Rest







Credentials are stored in an encrypted on-disk format to
prevent the data from being compromised in the event
that a data theft or data breach incident occurs.
Redundant
Architecture







Constant Contact uses a redundant server architecture (which
includes removing single points of failure and quickly having
the ability to scale) that will protect client data and the
continuity of Constant Contact's services in the event the primary infrastructure suffers loss or outages.
Data Backup







Constant Contact's backup procedures follow the basic rules of the CIA triad: confidentiality, integrity, and availability.
Backups are verified for integrity, are encrypted, are securely transferred, and are stored at both on-site and off-site locations. These backups are then verified through
reanimation testing.

Related articles

×

Why was this help article not helpful?

Still didn't find what you are looking for?