Security and Trust with ChurnZero
Working in Amazon Web Services
ChurnZero is wholly hosted in the Amazon Web Services Public Cloud (AWS). All AWS security best practices are adhered to. ChurnZero employs a least access security methodology. Users with access to the platform are given the minimum level of access required for their job function, and access is audited every 90 days.
DevOps User Access
Encryption In Transit
Encryption At Rest
Malware and Virus Scanning
Role Based Access Control
User Session Expiration
Continuous Security Monitoring
The ChurnZero application stack is continuously monitored for vulnerabilities and anomalies. We work with industry leaders like AlienVault, Detectify and Datadog to have deep, real-time visibility across our infrastructure in order to maintain continuous security for our customers and their data.
- Alerting on suspicious network activity such as command and control connections out of the environment and external scans into the environment,
- Alerting on API calls to the infrastructure which do not follow cloud infrastructure best practices, in all aspects of AWS services, including data services, serverless computing services and compute services,
- Auditing our infrastructure daily to ensure it adheres to AWS security best practices,
- Alerting upon discovery of vulnerable packages on the workload and providing CVE (Common Vulnerabilities and Exposures) information.
With breach detection based on behaviors, we minimize the time that our team needs to spend on identifying and analyzing an incident, and on processing and reporting after security alerts or incidents.
All systems in the ChurnZero Application are highly available. All critical systems have a redundant pair that lives in at least 1 additional availability zone.
All critical data is copied on a nightly basis to another region in the same continent. ChurnZero Site Operations also maintains a DR by code infrastructure that can be spun up in another region to quickly restore systems and services in the event of a declared disaster.
Continuous Vulnerability Scans
ChurnZero continuously scans for hundreds of database and web application vulnerabilities, including the OWASP Top 10.
Periodic Penetration Tests
ChurnZero has yearly third-party vulnerability and penetration testing.
All customer data is deleted within 90 days of contract expiration.
Access to Additional Resources
To gain access to additional security resources, please contact your Customer Success Manager (if you are a customer) or your Account Executive (if you are a prospective customer). Our team will get back to you with the details.
SOC 2 Type 2 Report
Independent Opinion on ChurnZero’s control environment
The Cloud Security Alliance Self Assessment
ChurnZero Information Security Manual