Secure Modern Commerce Operations

Protecting the security and privacy of customer and cardholder data is as much of a priority for Demandware as it is for you. We are continuously implementing robust technical and organizational security controls into the Demandware Commerce Cloud to ensure that your commerce operations remain reliable, compliant and secure – all without adding extra costs or infrastructure.

Complies with industry and regulatory standardsicon

Complies with industry and regulatory standards

The Demandware Commerce Cloud satisfies the security and compliance requirements of some the world’s most complex retail organizations. We regularly pass third-party compliance audits and are compliant with the requirements for PCI-DSS, SOC2, ISO 27001, and TRUSTe Certified Privacy. Demandware also participates in the Safe Harbor framework.

Ensures security best practices

Demandware applies security best practices at all levels of the organization – including people, technology and operations, creating a complete defense-in-depth environment. Our global datacenters are provided by top-tier co-location service providers and all infrastructure is housed in private cages with redundant power, network and HVAC systems, and 24x7 physical security.  Our dedicated security team constantly evaluates our environment, recommends improvements, and monitors our overall security posture.

Ensures security best practicesicon
Enables continuous and reliable retail operations icon

Enables continuous and reliable retail operations

Security countermeasures are built into the Demandware Commerce Cloud for threat and risk-based defense-in-depth and remediation of common attacks like Distributed Denial of Service (DDoS). The Demandware platform deploys intrusion detection systems with comprehensive logging and alerting, as well as vulnerability monitoring and mitigation using both internal and external scanning tools.  A dedicated Technical Operations Team provides 24/7 coverage of the Demandware Commerce Cloud. The security team ensures security of the platform and performs frequent tests including periodic vulnerability scans and penetration tests.

Protects retailer and cardholder information

Security best practices are fully incorporated into the Demandware Commerce Cloud. The platform is continuously monitored for unauthorized access and protected by redundant security devices. Logs are monitored and reviewed on a regular basis. All sensitive information is encrypted at rest and in transit, and connections between application tiers are tightly controlled. Data is stored in highly redundant storage systems with full disaster recovery capabilities.

Protects retailer and cardholder informationicon
Leverages most advanced security resourcesicon

Leverages most advanced security resources

Through Demandware’s participation in many security communities we can leverage critical threat and vulnerability information in a timely manner. Demandware participates in leading organizations as active participants, which helps retailers by leveraging not only Demandware’s expertise, but also the aggregated knowledge of many security professionals. Demandware works closely with the Center for Internet Security, R-CISC, as a Participating Organization in the PCI Security Standards Council, and as Corporate Member of the International Association of Privacy Professionals. 

Search terms must be at least 3 characters long