Security at Spark
About
Spark Documentation
Modification Recipes
Security at Spark
Due to the power afforded by the Edge, Security is of the utmost importance at Spark.
Actions we take
We take a number of steps to ensure your access to Spark is secure;
- Mandatory Two-Factor Authentication
All Spark accounts are secured with Two-Factor authentication via Authy, ensuring that even if your account password is compromised, you still have an additional layer of protection.
In the event that the ability to provide a 2FA token for an account is lost, we will not unlock access to that account under any circumstances.
- Spark access over HTTPS
The Spark web application is only accessible over HTTPS - ensuring that the communications between your browser and our servers are encrypted.
- Encryption of third-party credentials
All third-party credentials stored in Spark are encrypted using industry standard algorithms.
- Restricted Codebase and Server Access
We take measures to ensure that only specific employees have access to our production servers, and the codebase itself is accessible to only authorised developers.
Additionally, we are constantly reviewing and evolving our systems to protect against any new threats as they emerge.
Actions you can take
- Use a password manager
Whilst we take measures to protect your password in our database using industry best-practices, the responsibility to protect the password still rests with the account holder.
Passwords used for Spark should be strong - ideally long and randomly generated - and stored securely using a password manager such as 1Password or LastPass.