We highly encourage you to review our privacy statement and other security related statements. However, for a very quick summary of our security practices, here are some things to consider:
- Illumineto Spark is just using standard OAUTH and API token access. We are not asking for any admin level access for any integration.
- All communication from Illumineto clients (web app as well as mobile apps) to the server is SSL encrypted. What's more, server to server and server to database communication is also SSL encrypted.
- OAUTH tokens are also encrypted using an AES-256 cipher. The decryption key is stored in a separate server from the encrypted OAUTH token.
- Access to the database that stores the OAUTH tokens are limited to two employees (who are the co-founders of the company).
- The servers are managed and secured on Microsoft's Azure infrastructure.
- A Spark Page can be password protected, with the password also being an AES-256 cipher that is different from the OAUTH token. Sending information via a Spark Page is arguably more secure than sending information via email, as most email messages are not encrypted.