MacPaw: Cybersecurity as a backbone
MacPaw has always been paying attention to cybersecurity. First and foremost — we ensure our customers are secure using our products. We also help increase their personal digital safety. We're using our company's solid expertise in cybersecurity to protect customer data and all operations.
Customers expect our services to work even during a hurricane, pandemic, or war. That’s why, in addition to the protected infrastructure, MacPaw has a strong cybersecurity team that ensures each macpawian is safe and aware of modern cyber threats and ways to defend.
So, let’s look at where we are now regarding cybersecurity.
At MacPaw, we have a highly proficient security team. It follows a feedback culture that allows reacting to internal threats quickly and helps to improve gaps in missed security controls. Each security team member is responsible for different corporate and product security aspects.
Head of Information Security
Leads the team, defines strategic initiatives, evaluates security performance, and communicates with key company stakeholders.
IT Security Engineer
Works on team members' internal security and safety to ensure their laptops, network, and data are safe. Security Engineer monitors all malicious or suspicious activity and reacts to it. Security Engineer also works on the security awareness of the team. Working closely with the IT team, the Security team improves work quality and automation alongside personal and office security without intruding into the business processes.
Security Operation Engineer
Responsible for integrating security practices into each step of the software development lifecycle and implementing security checks for source code and dependencies. Also, a considerable part of the SecOps work is related to infrastructure security. Security Operation Engineer monitors and checks cloud configuration for compliance with security best practices.
Security Application Engineer
Helps the development team review features from a security perspective, conduct threat modeling, and review findings from security pipelines. The Security Application Engineer reviews all reports from the Bug bounty program as well.
IT Compliance Analyst
Maintains security compliance with applicable best practices in security and IT areas, leads the implementation processes of security standards (for now, ISO/IEC 27001), vendor assessments from a security perspective, and leads internal security audits. Also, the essential part of IT Compliance at MacPaw is increasing the maturity of processes by building the process design and appropriate description in the internal regulations.
Stays on the front line of cyber defense, detecting and responding to any cyber-attacks that might occur. Security Analyst reports on cyber threats and implements any changes needed to protect the company. The main goals of the security analyst are to implement and manage security monitoring tools and detect, investigate, contain and prevent cyberattacks.
MacPaw's cybersecurity mindset
Since the russian full-scale invasion of Ukraine, protecting our users' data has become even more crucial than ever. MacPaw hosts this data and all infrastructure on Amazon Web Services. All physical servers are stored worldwide (USA, UK, and Ireland) and are safe and sound. MacPaw doesn't store any vulnerable data on Ukrainian servers.
MacPaw works with a reliable payment provider — Paddle.com, a worldwide-known reseller operating in 245 countries and territories. The Paddle's team and technical resources are located in the United Kingdom.
Safe and sound with our products
ClearVPN, launched in 2020, is a hassle-free VPN solution for users who want to expand and protect their online experience. Unlike other VPN apps, ClearVPN focuses on user experience and users' actual needs. Users can upgrade their online journey hassle-free with just one tap, while ClearVPN ensures all traffic remains private and secure.
ClearVPN has a strict no-logs policy and industry-grade encryption protocols to ensure the user's connection is private and secure.
ClearVPN uses AES-256 encryption to eliminate security vulnerabilities and achieve a high-speed connection; the app relies on its custom protocol and IPSec IKEV2 and OpenVPN. Browse, play, stream or communicate without any tracking from the ISPs. Additionally, we have a zero-logs policy. MacPaw doesn’t store, share, or even collect users' online activity, personal info, IP address, etc.
In 2021 ClearVPN was selected as the winner of the "Mobile VPN Solution of the Year" award from the CyberSecurity Breakthrough.
In 2022 ClearVPN won the "Hot Company VPN" award from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine.
SpyBuster is an entirely free on-device anti-spyware app that helps users effortlessly secure their data by weeding out apps and web connections reporting to unwanted servers. SpyBuster does two jobs — scans your device for installed apps with known ties to russia or belarus and monitors if data is being sent to russian or belarusian servers when the app is in use.
SpyBuster is MacPaw’s answer to the full-scale invasion of Ukraine by russia. The app was created in less than a month by our developers inside bomb shelters.
SpyBuster premiered as a macOS tool in March of 2022. By June, it debuted as a Chrome extension that alerts users to suspicious website connections and visualizes them on a map. The Static Analysis functionality of SpyBuster also got added to CleanMyMac X as part of its Uninstaller module. The much-anticipated iOS version of the anti-spying tool SpyBuster became officially available in July 2022.
In November 2022, SpyBuster was shortlisted for the Cyber Security Awards 2022 in the category Cyber Not For Profit Team of the Year.
CleanMyMac X is an all-in-one package to awesomize Mac. It cleans megatons of junk and makes computers run faster. It scans the entire macOS, removes junk and malware, and brings a Mac back to its original fast performance.
CleanMyMac helps users check their Macs for vulnerabilities and find potentially unwanted apps or activities inside the Uninstaller and Malware Removal modules. Malware Removal modules work on the MacPaw-developed engine. It's an anti-malware solution built into CleanMyMac X. It provides real-time monitoring, searches for malware on users' computers, and constantly updates the database of different types of malware that may exist on Macs.
In March 2022, part of SpyBuster's functionality was integrated into CleanMyMac – a new category of apps in the Uninstaller module — Suspicious, if users want to find and uninstall potentially threatening software quickly. In the Suspicious apps category, users can find apps developed or hosted in Russia and Belarus as they may threaten Mac or data safety.
Setapp is the place to pick day-to-day Mac tools.
At the end of 2021, Setapp achieved SOC 2* Type I certification to ensure users that apps inside the platform are safe. SOC2 certification, or Service Organisation Control (SOC) 2 audit, is a popular auditing standard created to assess a company's compliance with industry-leading standards for managing and securing customers’ data. The independent Boulay Group conducted Setapp's audit and affirmed that Setapp's information security policies and practices meet the security trust service principle.
On top of that, Setapp added a Security app collection to help users keep their devices secure and protected from unauthorized access.
At the end of the day, MacPaw follows three simple cybersecurity principles: we understand tomorrow’s threats today; we provide cost-effective solutions that protect our customers, products, and company; we innovate to help mitigate cyber risks and be a step ahead of any breach. Thank you for trusting us to protect you.