Posted november 30, 2020

7 reasons your security team wants Optimizely DXP

Delivering powerful customer experiences is paramount in today’s digital-centric world.

a group of people looking at a computer screen

Investing in a Digital Experience Platform (DXP), or facets of a DXP, isn’t really even a question anymore. How and where you invest though, is definitely up for discussion. With more than 8,000 marketing technologies out there today, (according to Chiefmartec.com) how do you ensure you’re making the best and most secure technology decisions for your company?

If you’re thinking about investing in a DXP, here are seven reasons why your security team will thank you for choosing Optimizely.

1. Enjoy unmatched experience and expertise

For more than 20 years, Optimizely has hosted and managed cloud services for thousands of customers in critical industries including Financial Services, Government, Healthcare, Retail, Manufacturing and Distribution.

In 2014, Optimizely leveraged that experience to bring the Customer-Centric Digital Experience Platform (DXP) to market. Optimizely’s DXP now averages 15 go-lives per month and has over 750 live, production customers. Optimizely is continuously enhancing the DXP, most recently announcing new capabilities for intelligence and >experimentation.  

2. Leverage a single, comprehensive offering

Optimizely’s DXP is a comprehensive offering that provides all cloud services and 24/7/365 monitoring, management and support by full-time Optimizely staffed teams.  Unlike many competitive offerings, Optimizely provides a single point of contact to streamline operational responsibility. Enjoy capabilities for content, commerce and intelligence all in one place.

3. Stay protected with Optimizely’s ISMS – Information Security Management System

A systematic approach to risk, change management and security protects your data and brand with continuous auditing and improvement. Optimizely’s ISMS is based on highly regarded ISO 27001 and NIST Cybersecurity framework standards. Both you and your regulators will have confidence in your cloud service provider’s approach to assuring the confidentiality, integrity and availability of your information assets.

4. Optimizely is committed to privacy

Your confidentiality and the privacy of your customers’ data is critical to your business operations. For that reason, Optimizely continuously invests in tracking and complying with the evolving privacy regulatory landscape from business, legal and technical perspectives. Optimizely is compliant to GDPR and CCPA. We retain a Data Protection Officer (DPO), collaborate on Subject Access Requests and sign legally binding Data Processing Agreements with our customers and partners.

5. Optimizely is commited to compliance

Optimizely’s philosophy is to constantly assess and enhance our overall compliance footprint.  The DXP is continuously audited by accredited third parties. In addition we run hundreds of annual assessments, audits and vulnerability tests for our customers. The core of our compliance program is accredited third party certification to ISO 27001 and the in-process third-party certification to SSAE 18 SOC 2.

6. Datacenters are secure and reliable

DXP runs on Microsoft Azure data center regions. Each Azure facility is designed to run 24x7x365 with protection from power failure, physical intrusion and network outages. The data centers comply with more than 70 industry standards for physical security & availability. More background on azure facilities, premises and physical security is available here.

7. Pro-active, layered security model

Optimizely product teams follow a formal Secure Development Lifecycle that includes code review and vulnerability testing for each release.

Optimizely’s DXP uses an origin-shield model so your website applications deliver only authorized, encrypted traffic. All traffic flows through Web Application Firewall (WAF) and Distributed Denial of Service (DDoS) layers to prevent cyberattacks.

A flexible authentication framework enables you to leverage your existing or preferred Identity Providers such as Active Directory or Okta so you can manage your data in compliance with your corporate standards and role-based access requirements.

All customer applications and data are segregated and isolated for security and performance. All data at rest, including web content, backups and logs is encrypted leveraging automated services. Any potential security incidents are prioritized as P1 incidents and escalated to a dedicated Security Incident Response Team (SIRT).

If you want to make your security team happy when choosing your DXP, choose Optimizely. Learn more about Optimizely’s Customer-Centric DXP or discover the evolution and benefits of leveraging a DXP in your business here.