ZigiWave Security Overview

Compliance

ISO 27001

ZigiWave is ISO 27001 certified. The ISO 27001 is an international standard for information security. It is awarded to companies that meet a vast number of criteria in terms of how data is managed, stored, and maintained.

FIPS 140-2

ZigiOps encrypts the integration configuration data in full compliance with the FIPS 140-2.

No Database

ZigiOps is designed with security in mind. Along with following industry best practices for platform development, we have built our product to align with data security by not storing any of the transferred data on a disk or database.

ZigiOps keeps only a very small amount of it for troubleshooting purposes for a limited period, which can be controlled by the users.

Hosting Environment and Physical Security

ZigiOps comes in On-Premises and Cloud versions. The IPaaS version is hosted on public cloud infrastructure from Amazon Web Services (AWS). Amazon maintains high standards of security for its data centers. You can read further about the AWS security practices here: aws.amazon.com/security/

Network Security

The ZigiOps cloud version is only accessible over HTTPS protocols. Traffic over HTTPS is encrypted and protected from interception by unauthorized parties. ZigiWave follows current best practices for security, including the use of industry-standard TLS 1.3 and TLS 1.2 encryption algorithms with a key length of at least 128 bits.

ZigiOps uses secure protocols for communication with third-party systems: usually HTTPS, but other protocols such as SFTP and FTPS are also supported. For connecting to on-premises systems, access requires the installation of an agent, which can be installed behind the firewalls. It communicates outbound to ZigiOps over an encrypted link, using TLS 1.2.



The on-premises version of ZigiOps is installed behind the firewalls in the customer’s environment and only authenticated users can access it.