Zenda has established a robust information security program to ensure the protection of customer data. The Zenda Platform is hosted in an AWS environment and customer data is fully encrypted at rest and in transit.

As part of its ongoing commitment to information security, Zenda maintains a defense-in-depth strategy to securing all layers and environments of the Zenda platform. Keys and secrets used to protect customer data are maintained in a secure key store.

Zenda also performs routine vulnerability and security testing against the platform environment in an ongoing basis. External penetration testing is also performed at least annually.

All Zenda team members are required to affirm compliance with policies and procedures. All team members are required to take security awareness training upon hiring and at least annually.

Zenda employees are only granted access to technical resources based on job requirements and all access is approved by Zenda senior management.