Information Security and Data Privacy at Zenda
Robust security and privacy are core principles at Zenda. We have established policies and procedures governing the use, access, management and operation of the Zenda software. Access to our systems and data is governed on the principle of least-privilege and minimum-necessary required.
SOC 2 Compliant
This achievement indicates that our handling and processing of customers’ data meets key security standards. The protection of customer data is the highest priority for our team and we’re committed to building a robust security & compliance program. We’re thrilled to celebrate this milestone as another way of building trust with our customers. We partnered with Advantage Partners & Vanta to seamlessly guide us through the compliance process.
Third-Party Security Testing
We engage with third-party security vendors in an ongoing basis for routine vulnerability scanning, automated penetration testing, and system monitoring. We engage Advantage Partners for annual external penetration testing.
Layered Security
We maintain an in-depth strategy for securing all layers of our operating and engineering environment. All data is encrypted at rest and in transit, and code security is evaluated at each step of the development and release process. Infrastructure-as-code is utilized to ensure uniform deployment for our customers as part of our multi-tenant architecture.
Rapid Resolution & Incident Response
Security vulnerabilities in our environment are monitored, evaluated and triaged as needed. Zenda also maintains a robust incident response and management process that is tested annually.
Annual Security Training
Our team members are required to undergo annual security awareness training to ensure their understanding of company policies and procedures, as well as security best practices.
