Infrastructure, security & reliability
Security and reliability are a huge part of what we do here at Instiller and it’s something we take very seriously.
Our agencies rely on us to keep the solution online and the data of their clients secure. We constantly monitor all elements of hardware and software and we stay up-to-date with current Internet security threats so that we can add the latest security patches.
We love what we do and we take just as much pride in keeping things secure & reliable as we do when designing and developing fancy new features – security and reliability are very very important to us.
We use security patrolled tier 1 UK data centres where only authorised personnel are granted access.
An onsite security team are resident 24 hours a day on every day of the year to protect against unauthorised access and security breaches.
All of our agencies get their own separate instance of Instiller and access through a web browser, and requests made through our API, are protected by SSL Labs Grade A 256-bit SSL encryption.
Double-clicking on the lock icon in the browser address bar enables you to verify that you’re not communicating with a phishing site impersonating Instiller and provides the confidence to know that your data is secure in transit.
All of our high-level importance servers benefit from full redundancy of power supplies and Internet connections to ensure the solution stays online even when multiple servers fail.
We employ enterprise level firewalls to ensure the solution and your data reside securely within our data centres with no direct public access.
We own, develop and support every part of our solution so when you have a concern or a question you get direct access to the development team – we see this as a very important part of helping our agencies manage the questions and requirements they get from their clients.
Penetration testing and intrusion detection
All servers within our data centre are scanned for vulnerabilities multiple times each year. The range of tests performed on our servers are deployed both from external Internet servers and also from inside our own network.
Frequent testing enables us to identify any new issues so that they can be addressed as quickly as possible.
All of our mail servers run Port25 PowerMTA software that implements TLS (Transport Layer Security) to ensure delivery of secure and encrypted emails.
In addition, all sent emails are signed with 1024 bit DKIM (DomainKeys Identified Mail) keys to protect against forgery whilst in transit and SPF (Sender Policy Framework) DNS records are set on all sending domains to publish authorised ranges of sending IP addresses.
Data storage & backups
We use the very latest hardware technologies to ensure data is processed in a very fast and efficient manner whilst being instantly written to multiple disks.
We do not use the Cloud for data storage or backups, only for storing image assets.
There’s quite a lot of technical work involved with backing up as much data as Instiller is responsible for so we’ve written a separate blog post that has a digestible summary of how we go about things.
Responsible disclosure of security vulnerabilities
In the event of a security breach being discovered by our team we will endeavour to take a responsible and full disclosure approach to update any affected clients.
Our approach for managing a data security breach will be to follow the guidance set out by the ICO (Information Commissioner’s Office).
If you are concerned that your Instiller solution may have been compromised, or if you suspect any kind of unusual or fraudulent behaviour then please do not hesitate to contact our support team and we will investigate immediately.
Web browser support
We aim to provide the most usable, secure and reliable Instiller experience for all users and standards compliant modern web browsers play a large part in being able to work towards that.
In business since 2004
Since we started developing our solution we’ve worked extremely hard to earn the trust of hundreds of agencies and now we’re responsible for sending billions of emails each year on behalf of more than 7,500 brands world wide.
As we continue to grow and welcome onboard new agencies we will stay committed in our approach of providing the very best secure and reliable service.