Security & Privacy

• Fully ISO 27001 Certified
  Qmarkets is officially ISO 27001:2013 certified across all business operations  
• SOC1 & SOC2 Certified Data Centers
  All our global hosting sites and data centers are also SOC-1 and SOC 2 & PCI-DSS certified 

• Enterprise Security Policies & Processes
  Covering all aspects of our service and operations, Qmarkets has well defined and scalable security policies and guidelines, covering network security, physical security, incident handling, encryption and key management, backup and DRP, development processes, remote access, service termination, HR hiring and more
• Quality Management
  Qmarkets is certified for ISO 9001:2015 

• Carbon Footprint
  ISO 14001:2004

Qmarkets is fully compliant with GDPR and all other common local privacy laws and regulations. We take great care in making sure that we follow those regulations, acting as a Data Processor, especially around data storage and processing by geographic region, data anonymization and pseudonymization, correct handling of data from past users/employees, and of course – anything to do with data security, as detailed on this page. 

Qmarkets signs a separate Data Privacy Agreement (DPA) with every customer, following your DPA templates and agreement.  

Our data centers are all equipped with the following physical safety measures: 

• Building and Perimeter
  Ballistic glass enclosed security check-in, front window areas and loading dock 

• Access Control
  Electronic security features with key-card access and dual authentication with biometric readers 

• Security Guards
  Staffed 24/7 

• CCTV
  24/7 surveillance covering the interior & exterior of the facility 

Our network is fully protected, including these key security measures: 

• State-of-the-Art Encryption
  All internet traffic is always encrypted using 256-bit SSL encryption (HTTPS / SSH) using modern high-end encryption protocols, and all customer data is stored in encrypted storage  

• Powerful Firewalls
  Firewalls protect all access to our servers from the internet 

• Secured Traffic
  All IP ports to internet are closed, aside from HTTPS and SSH 

• Optional Access Restriction
  We can limit access for your users to your intranet/VPN IP addresses (optional) 

• Advanced Password Protection
  Strong password policies are used by all equipment and servers 

Idea Management Deployed at Your Service 

If you prefer deploying our software on your servers (inside your intranet network), rather than using our “hosted/cloud” model, you are not alone. ~15% of Qmarkets’ customers select our on-premise solution for its scalability and ease-of-use. 

• Seamless Deployment
  Deployable on all common hardware & Operating System (OS) platforms using either Windows or Linux 

• Fully Compliant
  Tailored to your IT department’s guidelines, using the hardware & OS preferred, or even on your virtual servers 

• Dedicated Support
  Our staff will guide your IT personnel both through the installation process and on an ongoing basis, providing professional and timely T2-T4 SLA support 

• Quick & Easy
  Installation itself is very simple using standard tools. Our deployed solutions provide the highest level of data protection available, as security is fully controlled by your network specialists 

• SSO Authentication
  Single-Sign-On is a de-facto standard for Qmarkets, with 98% of our customers using the standard SAML 2.0 protocol   
• Strong Password Policies
  Used as a fallback method, in cases where SSO is not available, or in the case of involving end-users that are outside of your existing network 

• Permissions & Confidentiality
  Powerful role and permission mechanisms allows you to control the data your users have access to, and the actions which they are able to take. These permissions govern every aspect of  behavior within the platform, starting from high level system roles, roles per tenant or campaigns, and even the ability to control the confidentiality and visibility of specific ideas or specific sections within an idea