Scalable, protected and accredited
The dotmailer platform is built to protect your company and its data, when managing your communications.
- Pages pass data over TLS.
- dotmailer supports encrypted data transfers.
- Access to the dotmailer platform is through a web form login with optional two-factor authentication.
- All users of the dotmailer platform are required to change their passwords every 90 days.
- Passwords are hashed using a NIST approved cryptographic implementation.
- Our web login page and API enforces rate limiting to protect against brute force attacks.
- Account access rights (import, export, read, write and send) are configurable to your needs and managed by your administrator user.
- All your users are set up in the platform by your administrator user. Verification is by email and SMS.
- All data is virus scanned when uploaded to the platform.
- Our Watchdog service constantly monitors customer contact uploads. If these change from a usual pattern it automatically stops uploading. This process also protects our customers from sending to spam traps that can affect delivery.
- Emails are sent using opportunistic TLS, employing authentication and validation systems such as DKIM and DMARC.
- Payment processes are fully PCI-DSS compliant.
- Granular access control permissions can be assigned to managed users.
- Campaign links are checked against lists of high risk domains to prevent malicious use of the platform.