Markmonitor and our subsidiaries (“we,” “us,” or “Markmonitor”) take the security of customer data seriously. We take a 'defense in depth' approach to secure data on multiple levels, including physical, network, host, software and user account security.
We maintain industry-recognized certifications such as ISO-27001 and SOC 2 and undergo an independent third-party penetration testing assessment annually. We have implemented internal policies and controls to help ensure that customer data is protected and only accessed by authorized employees in the performance of their duties.
Where we engage third parties to process customer data on our behalf, they do so in accordance with our written instructions under a duty of confidentiality, and they are required to implement appropriate technical and administrative measures to ensure data is secure.
More specifically, Markmonitor maintains confidentiality by ensuring that only people who are authorized to use the data can access it; integrity by ensuring that data is accurate and suitable for the purpose for which it is processed; and availability by ensuring that authorized users are able to access and use the data they need for authorized purposes in a timely and reliable manner.