top of page

Security & Reliability

At ZAP IN we know that our customers rely on us as an important part of their business processes. We take our responsibilities to our customers seriously, and the security and reliability of the software, systems and data that make up the ZAP IN system are our top priority.

 

Security

SSL

The ZAP IN system - including your data - rests securely behind Cisco-powered firewalls.

All information travelling between your browser and The ZAP IN system is protected from eavesdroppers with 256-bit SSL encryption. The lock icon in your browser lets you verify that you aren't talking to a phishing site impersonating The ZAP IN system and that your data is secure in transit.   Our servers have SSL Certificates signed by global leaders in certificates, Starfield Technologies Inc (GoDaddy.com), so all data transferred between the users and the service is encrypted. The encryption is the same as that used for internet banking.

 

Firewalls

Vulnerability scanning

The ZAP IN system' servers are scanned for vulnerabilities regularly by AlertLogic, our managed security provider. These scans test our servers both from the Internet and from inside our network, and any newly-identified problems are addressed as quickly as possible.

 

Intrusion detection

All of the traffic entering and leaving The ZAP IN system' network is monitored by an Intrusion Detection System (IDS). Any unusual behaviour is analyzed by AlertLogic's CISSP-certified security experts, and responses are coordinated with our system administration team.

 

Strong encryption

Sensitive information is encrypted in our database using AES. 

 

User Access

No one has access to your organization unless invited by you and with a level of user permission selected by you. You can remove any invited users whenever you want.

Users must choose a strong password and automatic lockouts are enforced when incorrect passwords are repeatedly entered. We don’t allow the browser to save your login, which eliminates access from a stolen or compromised computer.   Optionally,  users can activate 2 factor authentication to further protect account access.

 

Physical security

The The ZAP IN system servers are located at Amazon’s state-of-the-art datacentres, which provide biometric access controls, constant surveillance, redundant power feeds and generators, robust fire suppression, and carefully monitored climate control to protect the servers that store your data and manage your billing.

Our servers are located within Amazon’s tier-4, enterprise grade hosting facilities. Access is restricted to authorized staff by a combination of biometric systems and 24/7 onsite security guards, and is continually audited to meet SAS 70 Type II standards.

 

Firewalls & Network Security

External access to our servers is controlled by multiple layers of firewalls, intrusion protection systems and routers, which are configured and monitored according to industry best practice.

Our own internal office networks are isolated from any customer data by design.

 

Reliability

Redundant servers and datacentres

The ZAP IN system infrastructure uses redundant storage and servers to keep the application and your data available in the case of hardware failure - and another set of servers and storage in a geographically separate datacentre in case our primary datacentre is made unavailable by a disaster or other disruption.

 

Managed hosting

The ZAP IN system has chosen Amazon web services for our hosting needs. With clients like General Electric, Hershey, Cisco, Pfizer, EMI Music, Scott's, Hilton, Sony Music, Columbia House and the US Marines, we know our cloud servers provide the hardware, service and expertise you expect.

AWS protect our European Union clients via the Privacy Shield Agreement.   iVenuto’s ZAP IN adheres to and complies with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. iVenuto.com Corporation and its vendors use the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, please visit the website here.

 

Backups

The data in your The ZAP IN system account is replicated across multiple database servers in two geographic locations to prevent a single failure from causing data loss.

Our service has been designed for high user availability, with redundancy built into every level of our hosting infrastructure, including redundant power, network, database and web servers. Our service availability performance stands at over 99.99% since launching the service in 2011.

All customer data is backed up daily. We also run a continuous off site data back-up service into a second data centre facility for further real-time data protection.

Because we back-up your data, you don’t need to.

We go to great lengths to comply with legislation covering the security and privacy of data about you as an individual, and the visitor data relating to your organization, in all the major countries where The ZAP IN system is available.

If you have any security concerns or questions feel free to contact us.

 

How is ZAP IN more secure than desktop software?

With The ZAP IN system your data isn’t stored on your computer – if your laptop crashes, or gets lost, or stolen, all your data remains completely safe and unaffected.

By allowing your administration team to have secure access to your data within the ZAP IN system, it’s much more secure than emailing your visitor data files or sending out discs with your data on it.

 

Steps you can take to stay protected

We work very hard to keep The ZAP IN system secure. Here are some simple steps you can take to stay protected:

  • Create a password nobody can guess, so no dictionary words or family names. Be cryptic or use multi-word pass phrases - easy to remember, hard to crack.

  • Don’t share your password with anybody.

  • Don’t write your password on a sticky note and attach it to your computer.

  • Keep your browser software up to date.

  • Make sure you only login on our dashboard.

 

bottom of page