Security Policy

Security practices

Information is at the heart of all our businesses and lives. Customer trust is at the center of what we do and why security is our top priority.

Here are some insights into our security platform.

Read more about our approach to security and learn and how you the customer can be a part of it.

These statements apply to all our Cloud based Znadoo products.

Cloud product security

Security is embedded throughout our cloud products suite. We employ a number of controls to safeguard your data the following

Encryption in transit

All customer data is encrypted in transit over public networks using Transport Layer Security (TLS) 1.2+ with Perfect Forward Secrecy (PFS) to protect it from unauthorized disclosure or modification. Our implementation of TLS enforces the use of strong ciphers and key-lengths where supported by the browser.

Encryption at rest

Data drives on servers holding customer data and attachments in our Cloud Software use full disk, industry-standard AES-256 encryption at rest.

For encryption at rest, specifically we encrypt customer data that is stored on disk. Data encryption at rest helps guard against unauthorized access and ensures that data can only be access by authorized roles and services with audited access to the encryption keys.

We operate multiple geographically diverse data centers

We host all of our cloud applications with our cloud hosting partner Microsoft Azure.

Azure data centers have been designed and optimized to host applications, have multiple levels of redundancy built in, and run on a separate front-end hardware node on which application data is stored.

Infrastructure as a Service

Our clients have the option to acquire and manage their own Infrastructure platform within the Azure Cloud platform ecosystem.

Tenant Isolation

Tenant isolation ensures that, even though customers are sharing a common IT infrastructure, they are logically segregated so that the actions of one tenant cannot compromise the data or service of another tenant.

Our approach to tenant isolation in consistent across all our applications. We use a Tenant Identifier stamped on every transaction on every table and database on every application.

Roles and Responsibilities

Users are managed by you the customer using the Znadoo Teams Feature Set.

Users are assigned a Position (Viewer, User, Manager, Owner, Supervisor) within the Znadoo Teams ecosystem. Positions are assigned Roles and Responsibilities across each application. Every page in every application is assigned an identifier. And each page is tagged with a list of actions (Add, Edit, Copy, Show and more) each of which has a permission (Allow, Deny) against it. In this way, a role becomes a collection of pages, permissions, roles and actions that can be individually adjusted.

The Teams Administration Center assigns responsibility and authority to your system owner to enable them to assign, change or cancel these permissions.

Support Access

Our support teams will only access customer data when required to resolve an open ticket

Our global support team has access to our cloud-based systems and applications to facilitate maintenance and support processes. Hosted applications and data are only able to be accessed for the purpose of application health monitoring and performing system or application maintenance, and upon customer request via our support system.

Vulnerability Testing

We employ an extensive vulnerability and penetration testing approach. Designed to challenge the system and expose any weaknesses that may be present in our environment.

We also perform on-going network vulnerability scans of both our internal and external infrastructure using industry leading vulnerability scanning software.

We also employ specialist security consulting firms to complete penetration tests on high-risk products and infrastructures.