ZigiWave Security Overview
ZigiWave is committed to delivering a secure, reliable, and robust integration platform.
This encompasses preserving the utmost confidentiality, integrity, and availability of ZigiOps customers' invaluable information.
In our pursuit of top-notch security, we adhere to established best practices for secure development and embrace OWASP principles principles. Furthermore, we routinely subject our systems to thorough penetration testing, which serves to assess our security standing and reinforce it.
ZigiWave is ISO 27001 certified. The ISO 27001 is an international standard for information security. It is awarded to companies that meet a vast number of criteria in terms of how data is managed, stored, and maintained.
ZigiOps encrypts the integration configuration data in full compliance with the FIPS 140-2.
ZigiOps is designed with security in mind. Along with following industry best practices for platform development, we have built our product to align with data security by not storing any of the transferred data on a disk or database.
ZigiOps keeps only a very small amount of it for troubleshooting purposes for a limited period, which can be controlled by the users.
Hosting Environment and Physical Security
ZigiOps comes in On-Premises and Cloud versions. The IPaaS version is hosted on public cloud infrastructure from Amazon Web Services (AWS). Amazon maintains high standards of security for its data centers. You can read further about the AWS security practices here: aws.amazon.com/security/
The ZigiOps cloud version is only accessible over HTTPS protocols. Traffic over HTTPS is encrypted and protected from interception by unauthorized parties. ZigiWave follows current best practices for security, including the use of industry-standard TLS 1.3 and TLS 1.2 encryption algorithms with a key length of at least 128 bits.
ZigiOps uses secure protocols for communication with third-party systems: usually HTTPS, but other protocols such as SFTP and FTPS are also supported. For connecting to on-premises systems, access requires the installation of an agent, which can be installed behind the firewalls. It communicates outbound to ZigiOps over an encrypted link, using TLS 1.2.
The on-premises version of ZigiOps is installed behind the firewalls in the customer’s environment and only authenticated users can access it.