Anzen helps HR leaders and company executives have visibility into company risks by analyzing data from business systems and translating the data into actionable insights to resolve those risks. We recognize the obligation that comes with handling critical customer data, and we work closely with our customers and partners to ensure the data we process is protected using world-class Information Security standards.
Anzen's Information Security Philosophy
The Anzen information security program is anchored on the principles of the NIST Cybersecurity Framework. Information Security is ingrained into the culture of the company, from hiring and onboarding policies, through our daily activities at Anzen, through our processes to design, develop, and operate our software.
I. Securing our Data
- Restrict and monitor access to sensitive data
- Develop transparent data collection procedures
- Train employees in online privacy and security measures
- Build secure networks to protect online data from cyberattacks
- Establish clear procedures for reporting privacy breaches or data misuse
- Establish data protection practices (document shredding, secure locks, data encryption, frequent backups, access authorization etc.)
Type II audit. The audit confirms that Anzen Technologies, Inc’s information security practices,
policies, procedures, and operations meet the SOC 2 standards for security.
II. Key partnerships
We strive to ensure that any third-party vendors or suppliers meet or exceed our expectations for security and privacy controls. We perform strict third-party risk analyses and only partner with vendors with the strictest security controls, such as Amazon AWS.
IV. Responsible disclosure
We take the security of our systems seriously, and we value the work of the security community. The disclosure of security vulnerabilities to Anzen helps us keep information secure, subject to the following guidelines:
Please make any disclosures to security@anzen.com
Make every effort to avoid privacy violations, violation of licensing terms, degradation of user experience, disruption to production systems, and destruction of data during security testing.
Keep information about any vulnerabilities you’ve discovered confidential between yourself and Anzen for 90 days to allow for an opportunity to resolve the issue.