Zudy will be migrating to Jitterbit.com starting June 5th.
Security is at the core of our platform, Vinyl, and our company.
When we began developing Vinyl years ago, security was at the forefront of our product roadmap and there are many security-related elements baked right in from inception. To this day, we keep security front and center as we continue to iterate and improve upon Vinyl.
As a company, we enlist strategies, processes, and protocols to keep security and compliance paramount to the work we do. This guide provides an overview of some of the different ways we incorporate security into our platform and company.
Zudy has undergone the Service Organization Controls (SOC) audit issued by the Association of International Certified Professional Accountants and is fully compliant with SOC 1 Type II and SOC 2 Type II. SOC 1 and SOC 2 represent assurances on operational controls at a service organization. Zudy holds an active SOC 1 Type II report and an SOC 2 Type II report.
Zudy takes our obligation to privacy and safeguarding data seriously and complies with all applicable laws and regulations. Read our Privacy Policy Statement which applies to all information collected, managed, and controlled by Zudy.
Zudy maintains state-of-the-art security and monitoring with our networks and services, including:
Zudy continuously monitors all our services to ensure optimal service and uptime. Our Support Team is available to customers with an SOW agreement.
Zudy maintains a Disaster Recovery Plan (DRP) in the event of an emergency. This plan is kept current and is regularly rehearsed.
Zudy leverages Mimecast for advanced email security protection.
Zudy regularly performs audits and checks on the platform itself, in addition to running thorough QA and UAT testing with every major and minor Vinyl release. Some of these additional audits include:
The Vinyl platform undergoes annual penetration testing which is performed by a third-party company. This testing helps Zudy identify any weaknesses in our systems, network, and infrastructure.
Zudy has undergone the Service Organization Controls (SOC) audit. Zudy leverages Veracode and SourceClear to help assess and maintain Vinyl’s security.
At the application level, Vinyl developers are responsible for implementing and maintaining the security measures and configuration. If required, Zudy can work with our customers to develop compliant apps. The Vinyl platform, in combination with proper security measures, standards, and configuration, can be used to build apps that are compliant with HIPAA, PCI, and GxP.
Vinyl provides many different methods to implement and control application-level access and security. Examples of application security:
Vinyl’s security model supports multiple, configurable security providers. Security providers handle user authentication to an application, data source authentication, connection-level security, and authorization policies.
Vinyl’s application security model is composed of Users, Groups, Privileges, Roles, and Permissions. Collectively these elements allow a developer to group and provision the right access to the right users.
Vinyl provides auditing capabilities out of the box and a simple method for developers to enable enhanced auditing if desired. This functionality provides a visual log to any changes made to each record.
Vinyl promotes the rapid development of secure applications along with their ability to be quickly deployed in a secure environment. Native security features and configuration options available within the Vinyl platform enable developers to configure and secure their applications.
Information on Vinyl and security, including the Vinyl Security Overview guide, is documented and available on ZU Knowledge Base.
See the award-winning
Vinyl platform in action!
Interested in a
proof of concept?
