BrightTarget has implemented a state-of-the-art security architecture with restrictions at all layers of our infrastructure – designed to make our platform as secure as physically possible.

car-iaas2For you and your organisation we know that confidentiality, integrity and availability of data are serious concerns. We are continually working to improve the security framework and processes within our BrightTarget marketing software, other applications, and our business. Below is a high-level description of the safeguards that we have put in place. We will continue to implement these practices over time for the protection, security, confidentiality and integrity of data processed by use of our applications.  We want you to be utterly comfortable working with us.

Data in Transit and Authentication

  • Full 256-bit SSL encryption (provided by Symantec) for secure data transmission and authentication.
  • Individual user sessions are identified and re-verified with each transaction, using a unique token created at login.

Data at Rest

  • Any Personally Identifiable Information is masked/encrypted at rest using industry best practice techniques.
  • Database tier is fully segregated from other traffic in a 4-tier architecture, in the lowest (most secure) layer.
  • Data is held at rest within the EU.
  • Client data is separated (logically) and with individual restricted access.


  • Perimeter firewalls and routers block malicious traffic.
  • Multi-tiered internal network with firewalls to segregate traffic between the public, web, application and database tiers.
  • The platform activity is monitored continually; with events reported to an event management system for logging, alerting, and response.


  • Platform hosted across multiple availability zones / hardware – ensuring near 100% system availability.
  • Auto-scaling virtual infrastructure allows flexibility to handle huge demand fluctuations.

The platform is PEN tested by NCC Group – details of which can be provided upon request.

NCC Group Logo