Our Commitment to Security

GDPR compliant
Marker.io has ensured that your data is handled
securely and complies with the European GDPR framework.
SOC 2 Type II
Marker.io has ensured that it adheres to data security, availability and confidentiality standards developed by SOC 2.

🌐 Hosting and Storage

Marker.io is hosted in Amazon Web Services (AWS) data center located in Europe region, Ireland. AWS data centers are monitored by 24×7 security, biometric scanning, video surveillance and more. AWS is SOC2 and ISO-27001 certified.

🔐 Encryption

Marker.io encrypts your data aligning with industry-tested and accepted standards. We use TLS 1.2 to encrypt network traffic between users' browsers and the Marker.io platform. We also use AES-256-bit encryption to secure your database connection credentials and data stored at REST.

🔌 Integrations Security

Integrations are a big part of what makes Marker.io special. We use the OAuth standard to authenticate you and get permission to access your tools. We never get your passwords, we encrypt all data, and you can revoke access anytime, easily.

👀 Logging and monitoring

We have a team of engineers on staff monitoring our infrastructure for cybersecurity events or threats. They rely on tools such as AWS Cloudwatch and other tools to ensure the effectiveness of our protective measures.

🚨 Incident response

Marker.io implements a protocol for handling security events and other operational issues which includes escalation procedures, rapid mitigation, and post-mortems.

You can visit our status page for updates.

🌩️ Disaster recovery

All of our production infrastructure is built with redundancies in place, in highly-available configurations spread over two different availability zones in the eu-west-1 AWS region.

🚪 Penetration Testing

We hire an external firm each year to conduct penetration testing at the network and application levels.

👨 Employee training

All employees and contractors complete security training, including topics like information security, data privacy, and password security. They also sign a confidentiality agreement before working with Marker.io.

🔑 Access controls

Our approach will always be to provision on a ‘need-to-know’ basis. Only a limited number of skilled engineers, whose job function is to support and maintain the Marker.io environment, are permitted access to Marker.io’s production environment. SSH keys and credentials are rotated regularly and 2-factor authentication is enforced whenever possible.

💳 Payment processing

Marker.io uses Stripe to process payments and does not store personal credit card information for any of our customers. Stripe is certified to PCI Service Provider Level 1 which is the most stringent level of PCI DSS certification available.

💽 Backups

All customer databases are backed up every 6 hours. We replicate core databases across multiple zones in the event of a site disaster.

🛡️SOC 2 Type 2

We are audited by an external firm each year to ensure that we adhere to the security standards set by SOC2.


Want to learn more?

Read security & privacy docs