As a marketing agency or consultant, your clients count on you to safeguard their business proprietary information. After all, nobody wants their prospect or customer lists to fall into the hands of a competitor. They’ll also be concerned about the reputational risks and potential exposure of a data breach, as consumers become more protective of their personal information online.
The data in a marketing automation system is more sensitive than one might initially realize. Imagine having a cybercriminal surreptitiously mass emailing your client’s customers with a phishing campaign in their name. Hackers can also cross-reference email addresses with personal details such as names, phone numbers, postal codes, and birthdays to breach other online accounts. They might do this by exploiting weak “password reset” mechanisms, or by “social engineering” undertrained customer support reps.
Don’t end up in the news by having any of your clients breached. The Autoize™ Marketing Automation Solution powered by Mautic is set up and secured in your agency’s own cloud tenancy by experienced server architects. Root access to the servers is protected by strong SSH keys, which are issued to you at the end of the onboarding engagement.
With our architecture, the processes for each organization’s instance of Mautic are also isolated by their own Docker container, even with multiple clients on the same Docker host. This is much more secure than a conventional shared hosting server, like a cPanel server. If you have multiple Docker hosts in a Swarm on our “Professional” package or higher, the “west-east” traffic is also encrypted between Docker hosts.
The MySQL database service on the backend of Mautic sits safely within your virtual cloud network, protected from the public Internet by a network-level cloud firewall. It only allows connections from authorized servers, such as your Docker hosts within your virtual private cloud’s subnet.
As soon as an instance is added to the Autoize™ reseller infrastructure for Mautic, the edge router, Traefik, discovers the service and begins routing requests made to the hostname on the external IP address to the internal container IP. If the subdomain hasn’t been added before, Traefik automatically gets an SSL certificate from Let’s Encrypt to serve HTTPS requests.
All modern browsers and search engines require that apps and websites are served securely over HTTPS. In fact, Chrome (and Chromium-based browsers) will not load Mautic’s embedded tracking code unless the address of a Mautic instance has a HTTPS prefix. More importantly, the in-transit encryption protects the dashboard login, contact imports, and Mautic form submissions.
To prevent downtime from certificate errors, the certificates are automatically renewed and re-deployed prior to expiry. This simplifies operations by eliminating the need of a system administrator to manually update the certificates.