Contentsquare is committed to the confidentiality, data privacy and security of its clients and their end-users. We will continue to invest extensive resources towards maintaining the highest level of data protection, privacy and security standards.
Cloud architectureSection titled Cloud architecture
Contentsquare leverages cloud technology, and benefits from the stringent standards of cloud security maintained by our Cloud provider. These include:
- Compliance with leading industry certifications, regulations and frameworks (ISO 27001, PCI-DSS, SOC 2)
- Physical and environmental security (24-hour manned security, biometric access control, CCTV, environmental control systems with no single point of failure)
- Disaster Recovery infrastructure
Product securitySection titled Product security
Contentsquare follows a series of security best practices to ensure the availability, confidentiality and integrity of your data:
- Code development is done through a documented SDLC process which includes guidance on how code is tested, reviewed, and promoted to production.
- Code is peer-reviewed before being committed and analyzed with static code analysis tool targeting injection flaws, input validation and others potential defects.
- Yearly third-party penetration tests are performed against Contentsquare applications and public facing environment.
- Monthly automated security scans are performed in-house on all our public facing endpoints.
- Contentsquare leverages Sqreen.io as an additional layer of protection of its web-applications.
- Contentsquare has set-up a private bug-bounty program to reward relevant feedback from the ethical hacking community
Data security encryptionSection titled Data security encryption
Sensitive data in storage and in transit is encrypted using state-of-the-art algorithms:
- Data in transit is secured from the user’s browser to the application via TLS. Contentsquare TLS strength is ranked A by Qualys SSlabs.
- Technical administrative access from Contentsquare is secured with SSH (RSA 4096 bits key) over a VPN channel.
- Native user passwords are hashed using SHA-512 with salt.
- At-rest data are encrypted with AES-256
Corporate securitySection titled Corporate security
As any enterprise, Contentsquare maintains a security program to ensure that security is central to all corporate processes.
- Contentsquare has a dedicated security officer responsible for security across the organization.
- Contentsquare maintains an Information Security Management System that is certified against ISO/IEC 27001.
- Risk management program is monitored through Key Performance Indicators that are shared with all internal stakeholders.
- Security starts with the people Contentsquare employs. New employees must sign an NDA as part of their work contract and must complete Security Awareness and Data Privacy training as part of the onboarding into the organization. All employees are also reminded of best practices through internal communications.
- Contentsquare has put in place a vendor management program to ensure that third-parties and their supply chain of providers comply with its security requirements and standards.
- Contentsquare also maintains an incident response policy and procedures that lay out clear communication channels and escalation paths.
Tag integritySection titled Tag integrity
Contentsquare runs its own Tag checker service on all projects to make sure no tag file is compromised.
Every 10 minutes, this service checks that the SHA-512 checksum of Tag files served at
//t.contentsquare.net/uxa/YOUR_TAG_ID.js by our public CDN match the checksum stored in our databases.
In the event of a compromised Tag, Contentsquare is alerted immediately.