At Red Marker, we understand that our cloud platform plays a key role in helping our customers protect one of their most important resources, their brand.
We take this responsibility seriously and use secure engineering principles to build our services, architecture, software, and systems. Security principles are designed into our software systems from the earliest development opportunity.
Importance of Information Security
The security of information is a core pillar of the products and services we deliver. We manage our privacy obligations to ensure the confidentiality, integrity and availability of information are in line with Australian and New Zealand, US and European Privacy legislation.
Dedicated Security Team and Security-centric Staff
Red Marker's experienced security team comprises Red Marker’s CTO and Information Security Manager who is a certified Information Security Manager (CISM).
As a SaaS provider, Red Marker’s responsibility covers the secure handling, storage, and transfer of our client’s data. Red Marker works with its clients to ensure they understand their responsibilities and ensure they set the appropriate access control models, so the right users have the right access to their data. This ensures that clients can meet their own legislative and regulatory data privacy requirements.
Independent Assurance and Certification
Red Marker is ISO 27001:2013 certified and also conducts regular independent assessment of its applications, infrastructure and information security controls.
Maintaining Information Security
Maintaining best practice security competencies is one of our information security objectives. With the increasing regulatory and operational requirements to ensure personal information is kept secure, Red Marker systems are built with a security-first mindset.
Our software development team has a grounding in secure coding principles and techniques, as well as training in the most common website vulnerabilities (OWASP) including the ways in which an attack can progress through a system to extract information.
This knowledge enables our engineers to code and develops highly secured systems on an ongoing basis. Additionally, all Red Marker employees are required to have a firm understanding of information security in line with our Information Security Policy and undertake security training.
Supply Chain Security
Red Marker maintains strong relationships with our suppliers. Our key suppliers, such as our hosting provider AWS, have been selected for the breadth and depth of their security credentials. All of our suppliers undergo proper due diligence and thorough vetting prior to engagement including a risk analysis prior to establishing a formal relationship.
As a SaaS provider, uninterrupted access to our systems is codified in our availability service level of 99.5% uptime.
We achieve this in several ways, our infrastructure incorporates both resiliency and redundancy, our software development lifecycle is strictly controlled and managed, and backup and restore procedures are tested on a regular basis.
We maintain a live application status page at https://status.redmarker.ai