Marketo’s Stance on Security

Recently there have been some breaches of other Email Service Providers (ESPs) and marketing certification providers where their customer data was compromised.  Given the seriousness of these breaches, there has been a lot of media attention. We at Marketo have been following these incidents closely as well.  While the recent breaches did not affect data entrusted to Marketo, we’re very concerned about what’s happened and hope these breaches act as a wakeup call to any companies that aren’t investing in heavily in security.

A security breach can be defined as attacks that circumvent the security policies and practices of an organization. Data breaches can range from targeted exploits, such as spear phishing (targeted attacks designed to acquire user login credentials), to accidental loss of memory sticks or laptops. Regardless of the scale of the breach or exploit, you must take the proper preventative steps.

Security at Marketo

Marketo takes security very seriously.  Our CTO and co-founder is also our CSO (Chief Security Officer) so it’s clear why we’ve invested significant resources into security from the very start of Marketo.  We are continually reviewing and improving our security systems and processes.  Along with our annual third-party penetration tests as well as our own security scans with every Marketo release, many of our enterprise customers audited Marketo’s security capabilities before trusting us with their data.

Marketo is investing heavily to minimize the risk of breaches with protocols like customer data and server isolation and restrictions on employee access to data.  If Marketo were ever to be breached we would immediately implement our breach response program that includes steps to isolate the attack, minimize damage and notify our customers.

Working with Industry Associations

Incidents like the recent security breaches degrade industry trust in cloud solutions. That’s why Marketo is working to help the entire industry to improve their practices.  Marketo is a proud and active member in the Online Trust Alliance (OTA). The OTA is a collective of some of the best and most knowledgeable experts in security and security best practices.  With the recent breaches, the OTA has gone into overdrive and is working hard to develop comprehensive set of security protocols to minimize the possibility of breaches.  Marketo is committed to this OTA initiative and we hope it helps make the Internet a safer place for commerce and business.

Our Recommendations

Of course, security requires comprehensive programs, so Marketo recommends that our customers take appropriate steps and implement these best practices to secure their interactions with Marketo’s solutions, including:

  • Deleting employee accounts that are no longer active
  • Removing data that is no longer needed for business purposes
  • Upgrading the most recent and current browser
  • Deploying email authentication protocols DKIM & SPF

Marketo is committed to security of our applications and our customers’ data.  We do not take the recent breaches at other companies lightly and we intend to work with the industry to make the Internet a safer place for all of us.