zenphi Data Privacy and Security
zenphi was born in the cloud and was designed from the ground up with security in mind. Security-related best practices are an integral part of our work culture, and we apply them across every part of zenphi, from product development to data handling to operations.
No matter how well a system is designed, it’s bound to run into a few hiccups. Even with an enterprise grade platform like zenphi, our clients may sometimes run into issues that they may not be able to resolve themselves. In these circumstances, our clients know that they can depend on our support team to help them resolve these issues. But in this era of privacy and data regulation, many of our clients may not be so comfortable sharing this critical information with us.
“[In the future] more and more enterprises will become selective about what data they give to their vendors, even if that choice makes the product or service they’re using less effective… [we] will see organizations choosing to opt-out of data sharing due to concerns about anonymization, privacy, and accidental disclosure.”
– Forrester Research, Predictions 2020: Cybersecurity
At zenphi, we take customer data privacy seriously. The zenphi platform was designed with security and privacy in mind. We have controls built into the product as well as policies that govern how we manage and operate our infrastructure.
What data is collected and why
In order to automate processes, zenphi needs to store and use certain data; this stored data is required to provide automation services to our customers. It falls into two categories.
Flow reference data
The data required to execute one instance of a flow is referred to as flow reference data. Without it, the flow cannot execute.
For example, consider a flow that is triggered by a Google Form submission and updates a sheet with the submitted information. To execute the flow, zenphi must store the information captured in the form so that it can be passed to the “Update Row” step and written into the sheet.
All reference data stored by zenphi is encrypted as outlined below.
Flow metadata
Flow metadata is information about the flow execution itself: when the flow started and ended, when each step started and ended, the status of the flow, log stream messages and so on. This information is displayed on the recent runs and run details pages.
Data encryption and security
It’s important to ensure that all the data is secured while in transit as well as in storage (at rest).
Data in transit
All data sent to or received from zenphi services, as well as all internal service-to-service calls, is encrypted using TLS 1.2 or 1.3. This protects against man-in-the-middle attacks, in which a malicious third party attempts to intercept or modify data while it is in transit.
Data at rest
All data stored by zenphi is encrypted at rest by Google Cloud. This covers databases, blob storage and every other storage service in use. Google Cloud encrypts the data with AES-256 in GCM mode, with the encryption keys themselves protected by Google's key management service.
Sensitive data at rest
Google Cloud's encryption covers all data stored by zenphi. As an additional layer of protection, customer-sensitive data is also encrypted by zenphi itself. Sensitive data includes, but is not limited to, connection credentials, flow reference data and files, and zenphi vault tokens. Each workspace is assigned its own dedicated encryption key. That workspace key is stored only in encrypted form, wrapped by a zenphi root encryption key that is itself held securely in a key store (envelope encryption).
All sensitive information is encrypted with the workspace key before it is written to the database or blob storage; the stored ciphertext is then encrypted again by Google Cloud's encryption at rest.
Managing zenphi’s access to your data
This section explains the limited circumstances under which zenphi personnel may require access to customer data, and the internal controls that ensure such access is appropriate and limited. It also covers the settings available to customers to manage the stored data and control access to it.
How does zenphi safeguard your data from unauthorized access?
Security and data privacy were not an afterthought at zenphi; they form the foundation of the entire platform and have been part of it from inception. zenphi follows a secure software development life cycle (SDL): from ideation through development, testing, deployment and maintenance, security best practices are followed and enforced. This ensures that no new feature inadvertently compromises the security or privacy of customer data.
Access controls are built into zenphi. Only authorized users of a workspace can access its data. All users are authenticated with Google single sign-on and are issued access tokens for the workspaces they have access to. These tokens carry the user's permission information, which zenphi verifies for every action taken in the system. All user actions are audited and can be viewed by the workspace administrator.
Within a workspace, users can control who can view or edit items such as flows and connections. These privacy settings are enforced throughout the system.
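To make concrete what it means for a token to carry permission information that is verified on every action, here is an added Go example written for this page, not zenphi's code: an HMAC-SHA256 signed token carrying workspace and permission claims, a verifier that checks the tag in constant time before trusting anything in the token, and an authorizer that is called on every action, denies by default and records each decision for the audit log. The token format, the claim names, and action strings such as flow:view are assumptions made for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Claims is the permission information carried in a workspace access token.
type Claims struct {
	Subject     string          `json:"sub"`   // authenticated user (from SSO)
	Workspace   string          `json:"ws"`    // workspace the token is valid for
	Permissions map[string]bool `json:"perms"` // actions allowed in that workspace
	Expires     int64           `json:"exp"`   // Unix time after which the token is dead
}

func tag(secret []byte, body string) string {
	h := hmac.New(sha256.New, secret)
	h.Write([]byte(body))
	return base64.RawURLEncoding.EncodeToString(h.Sum(nil))
}

// Issue encodes the claims and appends an HMAC-SHA256 tag, so the holder cannot
// edit the permissions without the server-side secret.
func Issue(secret []byte, c Claims) (string, error) {
	payload, err := json.Marshal(c)
	if err != nil {
		return "", err
	}
	body := base64.RawURLEncoding.EncodeToString(payload)
	return body + "." + tag(secret, body), nil
}

// Verify checks the tag in constant time before parsing anything, then rejects expiry.
func Verify(secret []byte, token string, now time.Time) (*Claims, error) {
	body, got, ok := strings.Cut(token, ".")
	if !ok {
		return nil, errors.New("malformed token")
	}
	if !hmac.Equal([]byte(tag(secret, body)), []byte(got)) {
		return nil, errors.New("invalid signature")
	}
	payload, err := base64.RawURLEncoding.DecodeString(body)
	if err != nil {
		return nil, err
	}
	var c Claims
	if err := json.Unmarshal(payload, &c); err != nil {
		return nil, err
	}
	if !now.Before(time.Unix(c.Expires, 0)) {
		return nil, errors.New("token expired")
	}
	return &c, nil
}

// AuditEntry is one authorization decision as a workspace administrator would see it.
type AuditEntry struct {
	Subject, Workspace, Action, Reason string
	Allowed                            bool
}
type Authorizer struct {
	secret []byte
	Audit  []AuditEntry
}

func NewAuthorizer(secret []byte) *Authorizer { return &Authorizer{secret: secret} }

// Authorize runs on every action. It denies unless the token verifies, was issued for
// the workspace being acted on, and grants the action; every decision is audited.
func (a *Authorizer) Authorize(token, workspace, action string, now time.Time) bool {
	e := AuditEntry{Subject: "<unverified>", Workspace: workspace, Action: action}
	c, err := Verify(a.secret, token, now)
	switch {
	case err != nil:
		e.Reason = err.Error()
	case c.Workspace != workspace:
		e.Subject, e.Reason = c.Subject, "token issued for another workspace"
	case !c.Permissions[action]:
		e.Subject, e.Reason = c.Subject, "permission not granted"
	default:
		e.Subject, e.Allowed, e.Reason = c.Subject, true, "ok"
	}
	a.Audit = append(a.Audit, e)
	return e.Allowed
}

func main() {
	secret := []byte("constructed demo secret; use 32 random bytes in practice")
	tok, _ := Issue(secret, Claims{Subject: "alice", Workspace: "ws-1",
		Permissions: map[string]bool{"flow:view": true}, Expires: time.Now().Add(time.Hour).Unix()})
	a := NewAuthorizer(secret)
	a.Authorize(tok, "ws-1", "connection:edit", time.Now()) // denied, but still audited
	fmt.Printf("%+v\n", a.Audit)
}
```

The order inside Verify is deliberate: the signature is checked before the payload is decoded or parsed, so an attacker-controlled token never reaches the JSON parser, and a token that re-signs edited claims with the wrong secret, names a different workspace, or has expired is denied and logged like any other failed action.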
Customer controls over access to data
At zenphi, we are firm in the belief that you own your data, and we will never use it for any purpose other than fulfilling our contractual and legal obligations. We understand that, beyond these commitments, customers want transparency and control over their data in zenphi. That is why zenphi offers controls that define how and when data is purged from our system.
While a flow is executing, zenphi requires the flow reference data and metadata to run the flow to completion. Once the flow completes, whether successfully or in an error state, this information is no longer required and can be purged.
Customers define how data is purged using the global data handling setting, and can override it on a per-flow basis. zenphi can be configured to purge data immediately when a flow completes, or on a schedule (for example, 14 days after the flow has completed). There are three levels to choose from:
- Preserve reference data and metadata
- Preserve metadata only
- Purge all data
The first option lets customers diagnose and troubleshoot any issue that occurred, and lets zenphi personnel troubleshoot if the customer raises a support request. All access to reference data is audited, and the customer controls who may view diagnostic data. Preserved reference data also lets users re-run failed steps and use advanced error recovery mechanisms such as SmartResume.
The second option purges all flow reference data and keeps only the flow instance metadata. With this option it is not possible to perform diagnostics or use advanced error recovery mechanisms, and zenphi support cannot perform in-depth troubleshooting, because the data is no longer available.
With the third option, all data is purged from the system. The only information that remains is when a flow ran and its final status (e.g. completed, faulted). As with the previous option, the ability to troubleshoot a problematic flow is very limited.
These options give customers granular control over the data stored in zenphi. For example, a customer could choose option 2 for flows that complete successfully and option 1 for flows that error, and additionally schedule option 3 to purge all information after 30 days regardless of flow state. Then, when a flow completes successfully, all of its reference data is purged immediately; when a flow errors, its reference data is preserved so the problem can be diagnosed and the flow fixed; and the schedule ensures that everything is purged after 30 days.
Access authorizations for zenphi employees
All zenphi employees undergo background checks, are required to execute a confidentiality agreement, and comply with zenphi internal policies. The number of employees that may have access to customer data is limited and systems are in place to actively monitor and log the activities of those employees.
zenphi employees are only granted a limited set of default permissions to access company resources. Access to internal support tools is controlled via Access Control Lists (ACLs). A formal process is followed at zenphi to grant or revoke employee access to zenphi resources and access is automatically removed for departing employees.
Access authorization is enforced at all relevant layers of the system and infrastructure. When a support engineer needs access to customer data for diagnostics, an approval workflow is triggered in zenphi and the minimum privileges required are granted on an as-needed basis. An employee's authorization settings control access to all resources, including the data and systems of the zenphi platform.
Security and compliance standards
Our customers expect independent verification of security, privacy and compliance controls. At zenphi, we undergo independent third-party audits on a regular basis to provide this assurance. The key international standards we are audited against are:
- ISO 27001 – Information Security Management
Customers can request our latest certification report as well as verify our status with the ISO governing body.
zenphi is fully hosted on the Google Cloud Platform and benefits from the comprehensive security controls Google Cloud Platform has in place (https://cloud.google.com/security).
When signing up with zenphi, you choose which of our data centers hosts your workspace data. Your data does not leave the selected data center, which helps you meet data residency and sovereignty requirements.
At the moment zenphi offers the following data centers:
- Europe (located in Germany)
As a security- and compliance-centric company, zenphi treats the protection of customer data and privacy as one of its most important tasks. We comply with the EU's General Data Protection Regulation (GDPR) and work to fulfil the data-subject rights it sets out.
Protecting customer data is a primary design consideration for the zenphi platform. Our security practices are verified by independent third parties, providing customers with assurance about our security controls and practices. In line with our view that customers own their data, we offer advanced options for customers to control how their data is managed in the platform.
Security is an ongoing commitment at zenphi, and we will ensure our customers can use our platform in a secure and transparent manner.