At Cayzu, we are committed to running a reliable and secure helpdesk. We take our security very seriously.
Custom SSL certificates
All Cayzu accounts come with a wildcard SSL certificate enabled by default. Your own support domain or vanity URL can be secured with a custom SSL certificate. You can request a custom SSL certificate for your portal and have us enable it for you.
IP and Network restrictions
Cayzu supports whitelisting IP ranges, so you can decide who gets access to your helpdesk. You can restrict login access outside of the office by whitelisting just work network addresses for agents and employees. You can also create secure and exclusive access for agents to log in from anywhere by linking IP whitelisting to a virtual private network (VPN).
Identity & access management
Cayzu supports single sign-on (SSO), which lets agents and users authenticate with their existing credentials. This is both secure and makes account management substantially easier. Users can use a database like Active Directory or social accounts like Google, Facebook and Twitter.
Understand how we protect your data
The security, integrity, and availability of your data are our top priorities. We know how vital it is to your business success. To ensure you never have to worry, we use a multi-layered approach to protect and monitor all your information.
Cayzu is hosted on the Amazon Web Services (AWS) infrastructure, a highly scalable cloud computing platform with end-to-end security and privacy features built in. Our team takes additional proactive measures to maintain a secure infrastructure and application environment.
For additional, more specific details regarding AWS security, please refer to https://aws.amazon.com/security/. We don’t publicize exactly what features, services and data center regions/zones are used at Cayzu for security reasons, but we are able to provide a brief overview of our approach to securing your company’s data.
Data Center Security
AWS maintains a list of reports, certifications and independent assessments to ensure complete and ongoing state-of-the-art data center security:
AWS infrastructure is housed in Amazon-controlled data centers throughout the world. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical controls to prevent unauthorized access.
Cayzu infrastructure is hosted in a fully redundant, secured VPN environment, with access restricted to operations support staff only. This allows us to leverage complete firewall protection, private IP addresses and other security features.
Cayzu takes a multifaceted approach to application security, to ensure that everything from engineering to deployment, including architecture and quality assurance processes, complies with our highest standards of security.
We test all code for security vulnerabilities and regularly scan our network and systems for vulnerabilities.
Applications and servers are regularly patched to provide ongoing protection from exploits.
Third-party assessments conducted regularly:
Application vulnerability threat assessments
Network vulnerability threat assessments
Selected penetration testing
Software tested by security teams for full scope of OWASP security risks
All Cayzu web application communications are encrypted with 256-bit SSL, so they cannot be viewed by a third party. This is the same level of encryption used by banks and financial institutions.
Cayzu’s credit card processor maintains ongoing Level 1 PCI compliance, adhering to stringent industry standards for storing, processing and transmitting credit card information online. In addition to encrypting customer payment information, the following types of information are also encrypted:
User email addresses
API keys, including 3rd party keys stored by Apps
Company-specific data is kept separate through logical separation at the data tier, based on application-level access permissions and roles.
Single sign-on (SSO) allows you to authenticate users without requiring them to enter additional login credentials
Cayzu follows secure credential storage best practices by never storing passwords in human-readable format; passwords are stored only as the result of a secure, salted, one-way hash.
Access to data is governed by access rights, and can be configured to define granular access privileges.
Information Security team (including datacenter security team) monitors internal and external security events and implements corrective actions
Systems access logged and tracked for auditing purposes
All Production Network systems, networked devices, and circuits are constantly monitored and logically administered by Cayzu staff. Physical security, power, and internet connectivity are monitored by the facilities provider (Amazon).
Network security scanning gives us deep insight for quick identification of out-of-compliance or potentially vulnerable systems.
In addition to our extensive internal scanning and testing program, Cayzu periodically employs third-party security experts to perform penetration tests.
We employ qualified third-party security tools to run regular dynamic scans of our applications against the OWASP Top 10 security flaws.
The source code repositories are scanned for security issues via our integrated static analysis tooling.