Security at MailMaestro

Data Security

MailMaestro encrypts data at rest and in transit for all of our customers. We use tools such as Amazon Web Service’s Key Management System (KMS) to manage encryption keys using hardware security modules for maximum security, in line with industry best practices.

Application Security

MailMaestro regularly engages with some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the running application and the deployed environment.MailMaestro also uses high-quality static analysis tooling provided by GitHub’s Dependabot or AWS Inspector to secure our product at every step of the development process.

Infrastructure Security

MailMaestro uses Amazon Web Services to host our application. We make full use of the security products embedded within the AWS ecosystem, including KMS, GuardDuty, and Inspector. In addition, we deploy our application using AWS Lambda functions, meaning we typically do not manage servers or EC2 instances in production.

Organisational Security

All employees complete ongoing security training, which includes topics such as information security, data privacy, and password security. MailMaestro maintains vendor risk management practices to ensure third parties are scrutinized and maintain expected levels of security controls.