Our application design covers security at multiple layers
We have successfully implemented Information Security Management System (ISMS). The ISMS covers all of Zapflow’s systems, services and personnel. Zapflow is recognized and certified as an ISMS compliant, certificate issued on October 20, 2020.
All data in Zapflow is encrypted at all times when stored, including all database entries, attached documents and emails. The data is stored encrypted in the Amazon Web Services (AWS) RDS service. All documents and email attachments are stored in AWS S3 in encrypted buckets. The encryption keys are managed by AWS KMS. All customer files are scanned for viruses within the AWS S3 with the AWS Lambda antivirus feature. AWS provides services that comply with the highest security standards in the industry, including SOC 3, HIPAA/HITECH, GDPR, PCI DSS Level 1 and MTCS Level 3.
Any network traffic in and out of our servers will always be transported over encrypted network protocols: SSL, WSS and SSH. The application servers are hosted in a Virtual Private Cloud (VPC) and only the internet-facing application servers are exposed through a firewall and load balancers. The databases and application servers are protected by firewalls. The firewalls only allow access to dedicated ports and protocols required by the application architecture.
Privacy and visibility
We pay the utmost attention to your data privacy and visibility. Access privileges to the data are managed and checked on four levels: input data validation, database queries, business logic and upon data serialization. In addition to that, role-based authorization privileges are checked upon every request to our application servers.
Automated audit logs
All requests to our application servers are logged and logs are stored and encrypted on the AWS S3 service. An object-level change timeline is provided for select objects.
Internal data access
We do not have access to our customers' data. Only within a special control, we might be provided temporary access to your data by authorized employees only to satisfy your special requirements or business needs.
Uptime and durability
The AWS RDS Database is configured with a multi-zone hot-swap replica. The automated backups are stored daily and in multiple locations. We use third-party tools to monitor service availability worldwide and our personnel is automatically notified of any outages.
Virtual private network
Our AWS application servers are protected by firewalls and only the internet-facing servers can be accessed via SSL and WSS protocols. Any other access to our servers is limited to VPN. Access to the VPN is given only to our DevOps team and is only allowed with public key authentication.
Two-factor authentication (2FA)
Our AWS access policy requires all users to use Two-factor authentication (2FA) to log in to Zapflow Amazon Web Services accounts. 2FA can also be integrated into customer user accounts when they login to Zapflow. For more details on this subject please contact email@example.com.
"Zapflow has proven to be the perfect tool for finding deals and carrying out projects. During 2020, we have already made 4 acquisitions in Finland."
Zapflow is one of the key tools we use in our day to day work. It enables us to do everything from deal flow tracking to portfolio reporting.
"We so felt the pain! Managing the deal flow in Excel was a nightmare and we are happy that all our deals are all now in Zapflow."