Security

Security is at the core of our platform, Vinyl, and our company, Zudy.

Down Arrow Icon
Zudy Security

When Zudy began developing Vinyl years ago, security was at the forefront of our product roadmap and there are many security-related elements baked right in from inception. To this day, we keep security front and center as we continue to iterate and improve upon Vinyl.

 As a company, Zudy enlists strategies, processes, and protocols to keep security and compliance paramount to the work we do.
This guide provides an overview of some of the different ways we incorporate security into our platform and company. 

SOC for Service Organizations Logo
01

SOC 1 Type II and SOC 2 Type II Compliance

Zudy has undergone the Service Organization Controls (SOC) audit issued by the Association of International Certified Professional Accountants and is fully compliant with SOC 1 Type II and SOC 2 Type II. SOC 1 and SOC 2 represent assurances on operational controls at a service organization. Zudy holds an active SOC 1 Type II report and an SOC 2 Type II report.

02

Privacy Policy

Zudy takes our obligation to privacy and safeguarding data seriously and complies with all applicable laws and regulations. Read our Privacy Policy Statement which applies to all information collected, managed, and controlled by Zudy.

Zudy Privacy Policy / Terms of Website
03

Network and Service Security

Zudy maintains state-of-the-art security and monitoring with our networks and services, including:

Active Monitoring

Zudy continuously monitors all our services to ensure optimal service and uptime. Our Support Team is available to customers with an SOW agreement.

Disaster Recovery Plan

Zudy maintains a Disaster Recovery Plan (DRP) in the event of an emergency. This plan is kept current and is regularly rehearsed.

Mimecast

Zudy leverages Mimecast for advanced email security protection.

Zudy Network and Service Security
04

Platform Security

Zudy regularly performs audits and checks on the platform itself, in addition to running thorough QA and UAT testing with every major and minor Vinyl release. Some of these additional audits include:

Penetration Testing

The Vinyl platform undergoes annual penetration testing which is performed by a third-party company. This testing helps Zudy identify any weaknesses in our systems, network, and infrastructure. 

Additional Security Testing

Zudy has undergone the Service Organization Controls (SOC) audit. Zudy leverages Veracode and SourceClear to help assess and maintain Vinyl’s security.

Checkmark Icon White
Veracode is used to scan and identify any static vulnerabilities
Checkmark Icon White
SourceClear reviews libraries our technology uses to ensure they do not contain security vulnerabilities
05

Application Security

At the application level, Vinyl developers are responsible for implementing and maintaining the security measures and configuration. If required, Zudy can work with our customers to develop compliant apps. The Vinyl platform, in combination with proper security measures, standards, and configuration, can be used to build apps that are compliant with HIPAA, PCI, and GxP.

Vinyl provides many different methods to implement and control application-level access and security. Examples of application security:

Providers & Identities

Vinyl’s security model supports multiple, configurable security providers. Security providers handle user authentication to an application, data source authentication, connection-level security, and authorization policies.

Privileges & Permissions

Vinyl’s application security model is composed of Users, Groups, Privileges, Roles, and Permissions. Collectively these elements allow a developer to group and provision the right access to the right users.

Native Audit

Vinyl provides auditing capabilities out of the box and a simple method for developers to enable enhanced auditing if desired. This functionality provides a visual log to any changes made to each record.

Vinyl Security Overview

Vinyl promotes the rapid development of secure applications along with their ability to be quickly deployed in a secure environment. Native security features and configuration options available within the Vinyl platform enable developers to configure and secure their applications.

Information on Vinyl and security, including the Vinyl Security Overview guide, is documented and available on ZU Knowledge Base. 

Free Trial

Try the guided
Vinyl platform for yourself.

Proof of Concept

Interested in a
proof of concept?