Security at Spark

Security at Spark

Due to the power afforded by the Edge, Security is of the utmost importance at Spark.

Actions we take

We take a number of steps to ensure your access to Spark is secure;

  • Mandatory Two-Factor Authentication

    All Spark accounts are secured with Two-Factor authentication via Authy, ensuring that even if your account password is compromised, you still have an additional layer of protection.

    In the event that the ability to provide a 2FA token for an account is lost, we will not unlock access to that account under any circumstances.

  • Spark access over HTTPS

    The Spark web application is only accessible over HTTPS - ensuring that the communications between your browser and our servers are encrypted.

  • Encryption of third-party credentials

    All third-party credentials stored in Spark are encrypted using industry standard algorithms.

  • Restricted Codebase and Server Access

    We take measures to ensure that only specific employees have access to our production servers, and the codebase itself is accessible to only authorised developers.

Additionally, we are constantly reviewing and evolving our systems to protect against any new threats as they emerge.

Actions you can take

  • Use a password manager

    Whilst we take measures to protect your password in our database using industry best-practices, the responsibility to protect the password still rests with the account holder.

    Passwords used for Spark should be strong - ideally long and randomly generated - and stored securely using a password manager such as 1Password or LastPass.