FEATURED CONTENT
Local Marketing Examples
15 examples of brands with great local marketing campaigns.
ROI Branded Templates
Discover the benefits of Templates
Trends 2024 NEW
Distributed marketing trends to watch in 2024.
Localized Marketing HOT
Strategies to boost your business's visibility and sales
Brand Localization
A short guide to Brand Localization
Franchise Marketing
What is franchise marketing? A complete guide.

Security

Last update: January 2024

Customer trust and data security are critical to everything we do at Marvia. Every day we ensure that our security is parallel with industry standards and compliance. 

Software Security


SSO

Single Sign-on (SSO) allows you to authenticate users in your own systems without requiring them to enter additional login credentials.

Permissions

Marvia is a SaaS subscription accessible globally via a web browser. A strict roles system secures our solution. We enable permission levels within the tool to be set for users and groups. Permissions can be set to include:

  • Access to modules/ features
  • Access to actions
  • Access to content.
  • Rights within templates 
  • Access to designated parts of the admin
  • Rights to download/ order with or without workflow


Password and Credential Storage

Marvia enforces a password complexity standard and uses OpenSSL encrypt and decrypt to store credentials and sensitive data. The encryption algorithm is specified by the Advanced Encryption Standard (AES).

Uptime

We have an uptime of 99.9% or higher. 


Network and Application Security


Data Hosting and Storage

Marvia's services and data are hosted in Amazon Web Services (AWS) facilities in Frankfurt (eu-central-1). All hosting and storage are 100% aligned with the restrictive EU data protection laws. AWS is renowned for rigorous security. For their hosting compliance, please visit AWS Amazon.

Failover and DR

Marvia was built with disaster recovery in mind. Our infrastructure and data are spread across 3 AWS availability zones and will continue to work should any one of those data centers fail.

Virtual Private Cloud

All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests from getting to our internal network.

Back-Ups and Monitoring

On an application level, we produce audit logs for all activity. Our Certified AWS hosting and Security partner Webslice manages the server logs within AWS. All actions and activities in the Marvia application are logged in the database. Our database is backed-up every 24 hours. 

Permissions and Authentication

Access to customer data is limited to authorized employees who require it for their job. Marvia is served 100% over HTTPS. We have Single Sign-on (SSO) and strong password policies on Google, AWS, and Marvia to protect access to cloud services. 

Encryption

All data sent to or from Marvia is encrypted in transit using 256-bit encryption. Our API and application endpoints are TLS/SSL only. SSL/TLS certificates are used to secure network communications and establish the identity of Marvia over the Internet and resources on private networks.

The SSL and TLS protocols use an X.509 certificate (SSL/TLS server certificate) to authenticate both the client and the back-end application. An X.509 certificate is a digital form of identification issued by a certificate authority (CA). It contains identification information, a validity period, a public key, a serial number, and the digital signature of the issuer.

Pentest and Vulnerability Scanning 

Marvia uses third-party security tools to scan for vulnerabilities continuously. Periodically we engage third-party security experts to perform detailed penetration tests on the Marvia application and infrastructure. 

Incident Response

Marvia implements a protocol for handling security events, including escalation procedures, rapid mitigation, and post-mortem. All employees are informed of our policies.

In case of a 'critical incident' or 'security breach', Marvia will immediately inform its clients. Marvia will take all necessary steps to reduce the impact and prevent a recurrence. 


Subprocessors

Marvia uses the following subprocessors:

  1. Amazon Web Services (AWS): for physical server hosting of the application
  2. Webslice: for managing the servers at Amazon 


Additional Security Features


OS Protection

All Marvia employees are obliged to work with up-to-date operating systems and software. Internal rules around a clean desk, clear screen, encrypted laptops, password managers, 2FA, mobile storage devices, and virus scanners are described in the Marvia Employee Handbook.

Physical security

Marvia has a set of measures in place to guard the physical security of its employees and office. These are described in our internal security policy and are reviewed annually. 

Training

All employees complete Security and Awareness training annually.

Policies

Marvia has developed a comprehensive set of security policies covering a range of topics. These policies are updated frequently and shared with all employees.

Confidentiality

All employee contracts include a confidentiality agreement.

 

Security Questions?

If you think you may have found a security vulnerability, please get in touch with our security team at security@getmarvia.com. Make sure you check out our responsible disclosure and bug bounty policy first. 

Learn more about Marvia by reading our Privacy Policy