Enterprise Safety, Security & Privacy
Zapty adheres to the highest industry standards for security. The security of the information you put into Zapty is very important to us. Zapty uses physical, procedural, and technical safeguards to preserve the integrity and security of your information. For example, among other practices we:
- Regularly back up your data to help prevent data loss and aid in data recovery,
- Host data in secure SAS 70 audited data centers,
- Implement firewalls and access restrictions on our servers to secure our network and better protect your information.
Bank-Level Secure Connections
All connections to Zapty, including sign-on, are encrypted at 256-bit through SSL via HTTPS. Any attempt to connect over HTTP is redirected automatically to HTTPS, ensuring data encryption.
Separate Application & Data Servers
Zapty’s web application servers are physically and logically separated from servers that store customer data.
Zapty has been designed, prototyped, built and deployed using secure development best practices, with security reviews incorporated throughout every phase of application development.
Customer Data Protection
We treat all customer data as confidential, and ensure that data is protected at the individual, team, and company levels. Sensitive production data is never migrated or used outside of the production facility.
Zapty data centers are housed in nondescript facilities, with extensive setback and military grade perimeter control. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, state of the art intrusion detection systems, and other electronic means.
Zapty continuously replicates your data between physical locations to prevent data loss. Additionally, Zapty stores regular backups and has the ability to perform point-in-time recovery for more granular data recovery.
Zapty uses an industry standard database infrastructure to manage all user data. It provides us with the ability to do point-in-time recovery of our entire database at any second over the previous 7 days.