We always transmit data over HTTPS. Every instance, from when our customers view the data to when we collect data through native integrations, we communicate over HTTPS.
Data Connections Read Only
Connecting to data sources is simple with Malartu. When we setup our integration with a data source we prioritize OAuth connections. This is the most secure way to connect with a data source, and our standard to ensure your data is secure when connecting with us.
That said, not all integrations offer this standard for connecting with 3rd parties. In these cases we collect the minimum information required for our connection. We store this information in our secure database (see storage below)
We only ever require read-only access to get your data. Our standard is read-only access for integrations that provide a way for us to gain read-only access to your data. In some cases, especially with respect to our integration to older software programs, companies do not offer read-only access, in which case, we only ever interact via read requests (we will never, ever change your data.) We always maintain at least the same level of security as the programs we pull data from.
User Information and Passwords
We never store passwords as plain text. Once a password is set, it is stored as a salted password hash (using bcrypt). On login, we can only compare the password entered to the hashed value in our database. We are not able to convert this salted password hash back to your password, which is why we are not able to recover your password.
Our data storage is hosted securely in our own VPC with restricted access to applications running inside our VPC. This means the database is only accessible to our own applications that have been granted access. The data is encrypted at the lowest level to ensure the security of the data we have stored.
All request to and from our database are done over SSL. This ensures the security of the data transmitted.
For more information about Malartu security, contact us at firstname.lastname@example.org