1) When logging into an account we support SSL encryption, but we will only enable it automatically for the login page and the billing pages. If you need SSL encryption in other places, you can simply add “https” to any admin area URL. Basically it’s the same type of format that services such as Gmail for example use to manage user account access.

2) From a recipient data specific stand point, all accounts receive a unique database. Should an account owner ever reach out to our support team for assist, a support member can shadow an account. Otherwise employee access on our end is limited. Note our privacy policy for additional insight

3) Outside of list data, credit card information is encrypted and obfuscated, but nothing else is for performance and capability reasons.

4) All of our servers have the root logins removed and use a highly encrypted login that is changed every 30 days. The servers themselves can only be access through 1 ip address which is within our engineering segment. The servers are protected by a Firewall and if 3 failed attempts in a row come from 1 ip address they are then banned to try to login again and we are alerted immediately.

Data Centers

Emercury uses two separate world-class data centers that manage our application, database, and delivery servers 24/7, have redundant power supplies, redundant cooling systems, and redundant networks.

Delivery Servers

Emercury is not just “a string of Sender servers.” We use multiple MTA servers, which are known for their scalability, delivery speed, best practices, and advanced bounceback processing. It’s our own proprietary MTA and is well balanced. If one is busy it moves right along to the next. The MTA follows best practice guidelines.

Data Security

All private information such as account passwords are encrypted. Our own staff can’t even view them. If you lose your password, it can’t be retrieved – it must be reset. All login pages are 128-bit secure and account data is mirrored and backed up regularly off site.

Separate Databases

All large account databases are kept separate and distinct to prevent corruption and overlap. All accounts no matter what size are in a separate database. We don’t believe in sharing databases no matter how small they are.

Public Website

The public website is not hosted in the same subnet as our application and customer database servers. It is hosted at a separate location in order to prevent traffic surges (such as from marketing activities) from affecting our application.

Website Vulnerability Scans

Minor content updates to our public website (such as by the marketing staff) can actually cause unintentional security breaches. That’s why we use Trendmicro to constantly scan our public website for vulnerabilities.

Datacenter Security

Our DC is secured by keycard access, security guard and is monitored with infrared cameras.

Employee Background Checks

All new employees who have access to customer data (such as tech support and our engineers) undergo background criminal history and credit checks prior to employment.