Create
Quickly build beautiful emails & multi-channel campaigns with our easy-to-use design tools and templates.
Our team is proud to provide leading organizations with a best-in-class product and a serious commitment to security.
Workshop has been independently audited for SOC 2 compliance and has received a SOC 2 Type 2 report.
Workshop is in compliance with GDPR principles. Our DPA is available online here. If you have specific questions, please reach out.
Workshop integrates with Okta, Duo, and other Single Sign-On providers (available on our Enterprise plan) using SAML.
We're deeply committed to employee privacy and will do everything we can to ensure your data is safe and sound.
Workshop follows industry best-practices with respect to our software development process. Workshop’s software development process follows industry best-practices. Our process includes extensive testing across our application and infrastructure including automated testing with every deploy.
All in-transit data is secured and encrypted with TLS 1.2 or better and at-rest data is encrypted using AES-256 encryption. All production domains are submitted to the HSTS Preload list which is included in browsers to require encryption on all endpoints.
All production information is continuously backed up to encrypted storage on AWS. Workshop has the ability to revert back to specific points in time along a stream of database changes.
All employees undergo security awareness training, use SSO and MFA for all internal tools, and use centrally managed and fully encrypted devices.
All changes to our production code require peer review before being merged. Code changes must pass comprehensive automated testing including OWASP Top 10 scanning, vulnerability scanning, and dependency scanning.
Workshop takes reasonable measures to select and engage with third party vendors. Vendor security controls, data retention, and risk are evaluated by Workshop before third party solutions are implemented.
Security and vulnerability issues in production environments and software dependencies are proactively alerted upon and addressed as soon as possible.
All engineers are required to use multi-factor authentication (MFA) for development. Production environments and data are segregated from those of development. Production customer data is not utilized on Workshop staging and testing environments.
Interested in taking a deeper dive into Workshop’s security practices and philosophy? Fill out the form below to request our security policies and SOC 2 report.
Start your week inspired and energized with our practical newsletter about positive company culture! It features actionable articles and little surprises, sent every Monday morning.
Join our waitlist to be the first to learn when it's available!
Get a live demo & your questions answered with one of our product experts.
We'll also make sure you leave with: