Keeping your data secure is a top priority for Signpost.


Signpost has received both SOC 2 and ISO 27001:2013 certifications for our CRM and marketing automation services.


Hosted Infrastructure

Signpost’s product is hosted on Amazon Web Services (AWS), a cloud computing platform with built-in end-to-end security features. Signpost implements the best practices recommended by AWS to ensure our systems are well secured in the AWS cloud. For more details regarding AWS security, please refer to


Communication and Data

At Signpost, we care deeply about protecting our customer’s data; to achieve this, we work hard to protect personal identifiable information (PII) along with any other sensitive data we handle through access control and encryption. To protect access to Signpost’s internal systems and data we adhere to the principle of least authority (PoLA). To protect Signpost’s data, we require encryption on all incoming and outgoing communication (via TLS) and data-at-rest, whenever possible.


Continuous Improvement

Achieving and maintaining best-in-class information security is never done. That’s why we perform quarterly vulnerability scans of our web applications to ensure we are protected against the latest attack vectors. We keep security at the forefront of our employees’ minds with regular security awareness trainings and assessments. Most importantly, we stay vigilant by performing risk assessments across all our processes and systems multiple times a year. These are a few of the many ways Signpost works tirelessly to continuously improve our information security.


Security Vulnerability Reporting

If you believe you have found a security vulnerability in any Signpost product, we encourage you to let us know right away by emailing [email protected].


California Consumer Privacy Act

In compliance with the California Consumer Privacy Act, Signpost will respond to all qualifying personal data requests. To submit a request, please email [email protected].