Cybersecurity has always been of critical importance to Mariner7 and we are proud to say we have never had a security breach in the twenty-plus years we have been operating our continuously evolving performance management system. We have recently undertaken a major initiative to ensure this record continues and your Mariner7 data remains secure.
Cybersecurity breaches are increasing rapidly
In January, 2023 a research report released by Check Point Research found that global cybersecurity breaches increased by 38% in 2022 compared to 2021 and the trend was forecast to continue at an increasing rate. This escalating rate of attacks means that data security is now more important than ever. Clients and prospective purchasers of applications like Mariner7 need assurances that they are secure and that the client data they hold is safe.
Mariner7 has had its cybersecurity independently audited
To assure ourselves and our clients that Mariner7 is secure in this higher risk environment, we commissioned the international security firm CyberCX to undertake an independent security audit. They tested Mariner 7’s resilience to both a random external attack from outside Mariner7 and an internal attack from a registered Mariner7 user accessing unauthorised parts of the system or modifying the system from the inside. Testing against all issues covered within the leading penetration testing frameworks was completed in December 2022.
The results
- There were no instances where external attackers could access user data held within Mariner7.
- On initial testing, some instances were found where a highly skilled registered Mariner7 user with the appropriate technical knowledge, could potentially gain access to data they were not authorised to access. To ensure it could never occur, the Mariner7 team rectified these instances on the day we were advised of them. When retested by CyberCX these instances were found to have been resolved.
- Testing also included reviewing the security of the Single Sign-On (SSO) option offered by Mariner7. The review confirmed that Mariner7 was correctly configured and known attack methods were unsuccessful. (SSO is an authentication method that allows users to sign in using one set of credentials to access multiple independent software systems).
- The testing recommended that Mariner7 implement Two Factor Authentication (2FA) to provide an added layer of security. This is now becoming widely used by banking and other organisations and requires two separate, distinct forms of identification for a registered user to log in to Mariner7. The first is the user’s current Mariner7 password and the second is a code obtained from an authenticator app, which they then enter into the login screen.
2FA has now been installed into Mariner7 and the options for using it have been communicated to clients.
This testing has reaffirmed our confidence in the security of the Mariner7 system and we will continue to monitor it to ensure this continues as the environment changes.
