Enterprise Level Security

Your Work is Safe With Us

Information Security Policy

Built to Be Secure

Built to Be Secure

We take your security and privacy seriously. That is why we have created the safest possible processes available to ensure that our service is stable and that there are no security gaps.

We Work Well With Others

We Work Well With Others

The Instapage Information Security Policy is based on the ISO/IEC 27001 standard.

Communication and Operation Management

Cloud Security

Cloud Security

Instapage is a cloud-based solution, serviced by Google and Amazon cloud services. All stored and transferred data is encrypted.

Encrypted Communication

Encrypted Communication

On certain Instapage plans, SSL certificates are available for all custom domains at no additional cost. SSL certificates for all landing pages created on any custom domain are available.

This feature gives users the ability to verify that a website is valid and authentic, confirms that the connection is from a legitimate website, and that all interactions between the browser and the website are secure and encrypted.

If you operate in a sector that adheres to strict security and privacy standards (e.g. PCI-DSS or HIPAA), or collect information and transact, our SSL feature makes it easy to satisfy security policies laid out by your IT and/or legal teams.

Session Management

Session Management

Each time a user signs into instapage.com, they receive a unique session identifier. Each session identifier is 64-bytes of random data to protect against brute force logins.

When signing out, the session cookie is deleted and the session identifier is invalidated on all Instapage servers.

Network Security

Network Security

Instapage regularly updates its network architecture schema and data flows between systems.

Firewall rules and access restrictions are reviewed for appropriateness on a regular basis.

Host Security

Host Security

All hosts run centrally managed endpoint protection software, this includes:

  • Antivirus (regularly updated with security patches)
  • Full disk encryption
  • Browser check
  • Host intrusion prevention system to control and prevent unknown or suspect network flow
Access Control

Access Control

Access to a customer’s information is restricted within Instapage and is only authorized for the purposes of providing direct customer support or for future product enhancements. Under no circumstances is sensitive customer data shared with anyone outside of Instapage and its subcontractors.

User Permissions

User Permissions

Add multiple users with different roles and choose which of your client accounts can be accessed without having to share your private login details.

System Development and Maintenance

Security Program

Security Program

Instapage security meets OWASP standards for software and adheres to all applicable legal, statutory, or regulatory compliance obligations.

Information Security Incident Management

Information Security Incident Management

Information Security Incident Management

Instapage has a rapid response Security Incident Response Plan designed to quickly and systematically respond to any security incidents that may arise. The incident response plan is tested and refined on a regular basis.

Business Continuity Management

Disaster Recovery

Disaster Recovery

Our infrastructure is designed to provide stability and to minimize service interruption due to hardware failure, natural disaster, or other catastrophes.

Data Replication

Data Replication

To help ensure availability in the event of a disaster, we replicate data across multiple data centers.