Request a Demo
Certification

Certification

CreatorIQ has a certification for compliance with ISO/IEC 27001:2013. CreatorIQ is compliant with this internationally-recognized standard, and our commitment to information security is evident at every level of our organization.
  • Scale your business
  • Optimize your influencer marketing program
  • Outpace your competitors
  • Increase your ROI

Data Center Security

CreatorIQ uses world-leading security solutions to secure our service so your data can be kept safe. Our systems are hosted on multiple Availability Zones at Amazon Web Services. This allows us to provide a reliable service, and keeps your data available whenever you need it. These data centers employ leading physical and environmental security measures, resulting in highly resilient infrastructure. For more information about their security practices, see the AWS security page

Data Center Security
Business Continuity and Disaster Recovery

Business Continuity and Disaster Recovery

CreatorIQ is committed to providing continuous and uninterrupted service to all its customers. CreatorIQ's organization has the capability to operate its critical business functions during emergency events. We have established disaster recovery and business continuity plans, and consistently backup customers’ data every day. All backups are encrypted and retained for 35 days. Our Disaster Recovery Plan is tested at least twice a year to assess its effectiveness, and to keep the teams aligned with their responsibilities in case of a service interruption.

Infrastructure and Network Security

As stated above, CreatorIQ platform is hosted across multiple AWS Availability Zones. Furthermore, our infrastructure is protected using multiple layers of defense mechanisms, including:

  • Firewalls for enforcing IP whitelisting and access through permitted ports only to network resources
  • A web application firewall (WAF) for content-based dynamic attack blocking
  • Malware protection
  • Comprehensive logging of network traffic, both internal and edge
  • Сomplex approach to vulnerability management
  • Logging and monitoring all changes
Infrastructure and Network Security
Data Encryption

Data Encryption

CreatorIQ encrypts all data both in transit and at rest:

  • Traffic is encrypted using TLS 1.3 with a modern cipher suite, supporting TLS 1.2 at minimum
  • User data is encrypted at rest across our infrastructure using AES-256 or better (AWS KMS and other)
  • Credentials are hashed and salted using a modern hash functions

Physical Security

CreatorIQ is a cloud-based company, with no part of our infrastructure retained on-premise. Our physical security in our offices include personal identification-based access control, CCTV and alarm systems. CreatorIQ data centers are hosted on Amazon Web Services, where leading physical security measures are employed.

Physical Security
Application Security

Application Security

CreatorIQ implements a security-oriented design in multiple layers, one of which is the application layer. CreatorIQ application is developed according to the OWASP Top 10 framework, and all code is peer reviewed prior to deployment to production.

Our controlled CI/CD process includes static code analysis, vulnerability assessment, end-to-end testing, unit testing which addresses authorization aspects, and more. CreatorIQ developers go through periodic security training to keep them up-to-date with secure development best practices.

External Penetration Tests

CreatorIQ conducts penetration tests on a quarterly basis, both in the application and in the infrastructure level, using trusted third-party companies.

External Penetration Tests
Access Control

Access Control

We know that our clients’ data is private and confidential. We regularly conduct user access reviews to ensure appropriate permissions are in place, in accordance with the least-privilege principle. Employees have their access rights promptly modified upon change in employment.

Security Awareness & Training

CreatorIQ understands that its security is dependent on its employees. Therefore, all our employees undergo thorough information security awareness training during onboarding, while further security training is provided on an annual basis. Additionally, all employees must sign our NDA and End-User Agreement.

Security Awareness & Training
Transparency

Transparency

Transparency is the guiding force behind our security and privacy principles. We share all of our policies with our customers, so that you always know how we’re keeping your information secure.

See why CreatorIQ can be the right influencer marketing solution for your brand

Request a demo today to connect with one of our experts.