Security practices
Information is at the heart of all our businesses and lives. Customer trust is at the center of what we do and why security is our top priority.
Here are some insights into our security platform.
Read more about our approach to security and learn and how you the customer can be a part of it.
These statements apply to all our Cloud based Znadoo products.
Cloud product security
Security is embedded throughout our cloud products suite. We employ a number of controls to safeguard your data the following
Encryption in transit
All customer data is encrypted in transit over public networks using Transport Layer Security (TLS) 1.2+ with Perfect Forward Secrecy (PFS) to protect it from unauthorized disclosure or modification. Our implementation of TLS enforces the use of strong ciphers and key-lengths where supported by the browser.
Encryption at rest
Data drives on servers holding customer data and attachments in our Cloud Software use full disk, industry-standard AES-256 encryption at rest.
For encryption at rest, specifically we encrypt customer data that is stored on disk. Data encryption at rest helps guard against unauthorized access and ensures that data can only be access by authorized roles and services with audited access to the encryption keys.
We operate multiple geographically diverse data centers
We host all of our cloud applications with our cloud hosting partner Microsoft Azure.
Azure data centers have been designed and optimized to host applications, have multiple levels of redundancy built in, and run on a separate front-end hardware node on which application data is stored.
Infrastructure as a Service
Our clients have the option to acquire and manage their own Infrastructure platform within the Azure Cloud platform ecosystem.
Tenant Isolation
Tenant isolation ensures that, even though customers are sharing a common IT infrastructure, they are logically segregated so that the actions of one tenant cannot compromise the data or service of another tenant.
Our approach to tenant isolation in consistent across all our applications. We use a Tenant Identifier stamped on every transaction on every table and database on every application.
Roles and Responsibilities
Users are managed by you the customer using the Znadoo Teams Feature Set.
Users are assigned a Position (Viewer, User, Manager, Owner, Supervisor) within the Znadoo Teams ecosystem. Positions are assigned Roles and Responsibilities across each application. Every page in every application is assigned an identifier. And each page is tagged with a list of actions (Add, Edit, Copy, Show and more) each of which has a permission (Allow, Deny) against it. In this way, a role becomes a collection of pages, permissions, roles and actions that can be individually adjusted.
The Teams Administration Center assigns responsibility and authority to your system owner to enable them to assign, change or cancel these permissions.
Support Access
Our support teams will only access customer data when required to resolve an open ticket
Our global support team has access to our cloud-based systems and applications to facilitate maintenance and support processes. Hosted applications and data are only able to be accessed for the purpose of application health monitoring and performing system or application maintenance, and upon customer request via our support system.
Vulnerability Testing
We employ an extensive vulnerability and penetration testing approach. Designed to challenge the system and expose any weaknesses that may be present in our environment.
We also perform on-going network vulnerability scans of both our internal and external infrastructure using industry leading vulnerability scanning software.
We also employ specialist security consulting firms to complete penetration tests on high-risk products and infrastructures.