INFRASTRUCTURE

The zen Network and

Compute Infrastructure

 

Built on a a globally distributed compute and network infrastructure which is SOC 2, CSA, and ISO 27001 certified and compliant with NIST 800-53 National Institute of Standards and Technology (NIST) security controls that are generally applicable to US Federal Information Systems

zen has built on top of one of most robust, distributed, fault tolerant and geo-politically secure infrastructures in existence.  With AES 256 at-rest, in-transit end-to-end encryption, and 3fa biometric security, zen was designed to meet or exceed even the most stringent security standards.

Infrastructure Certifications and Compliance ISO/IEC

The zen platform is built on a globally distributed compute and network infrastructure which is SOC 2, CSA, and ISO 27001 certified.  Our infrastructure certification for ISO/IEC 27001:2013 is verified by EY CertifyPoint, an ISO certifying agent accredited by the Dutch Accreditation Council, a member of the International Accreditation Forum (IAF).

Infrastructure Certifications and Compliance NIST

zen complies with NIST 800-53 National Institute of Standards and Technology (NIST) security controls that are generally applicable to US Federal Information Systems. Federal Information Systems typically must go through a formal assessment and authorization process to ensure sufficient protection of confidentiality, integrity, and availability of information and information systems.  The NIST Cybersecurity Framework (CSF) is supported by governments and industries worldwide as a recommended baseline for use by any organization.

Vulnerability and regression testing

We use automated code testing, next generation vulnerability testing (including OWASP Top 10) and continuous monitoring technologies.  We have a comprehensive development and testing environment that allows us to roll out and back platform updates in real-time.  This allows improvements and updates to our software platform to be rolled out continuously, eliminating the wait for feature requests, enhancements and bug fixes.

Real-time geographic data Replication

We utilize point-in-time data snapshot and recovery for all data in the zen+ system.  This gives us the ability to roll back our database to any one minute in time, virtually eliminating the possibility of data loss, even if done maliciously by an authorized employee.

Extensive Transactional Logging

We utilize extensive transaction logging ranging from user (UI) and server process and security logging.  We create system fingerprints for every user that accesses the system, enabling us to quickly identify suspicious access attempts.  We also use our biometric facile analytics system to provide biometric confirmation of system access incorporating 2fa authentication to virtually eliminate the possibility of password or account sharing.

RDS AES-256 encryption

We use AES-256 encryption to encrypt data at rest that sits across multiple geographically redundant storage arrays.  That means while the data sits on our systems it is encrypted using AES-256 encryption. 

You can run an independent data security evaluation on our site for in transit data here https://www.ssllabs.com/ssltest/analyze.html?d=zen.automate.ag

Data Retention

Data retention duration is at the discretion of each individual agent/customer.  Customers have the ability to set a data retention duration for open and closed files applications as well as archive any individual applicant which removes all traces of the application from our systems. 

Contact

About zen →

Phone

London:+44(203)9360353

New York : +1(646)8470560

Miami: +1(954)8900560

Belgium: +32(2)8084444

Hong Kong: +852(2)5925517

Lagos, Nigeria: (234)13438882

Canada:+1(647)2435046

Athens: +30(21)11984195