Protecting and defending your data across people, process and technology. Identity and Access Management (IAM)
By default, customers sign-up, register and authenticate their account directly through our application API or web portal based on the OpenID Connect (OIDC) authentication layer on top of the OAuth 2.0 authorization framework.
For enterprise customers, Single-Sign-On (SSO) and federated identity access integrations are available with a customer’s existing IAM implementation.
We enforce a level of password complexity during sign-up and registration to promote secure credentials. We verify account ownership during registration and for password resets to ensure the request is from an authentic source.
Customers have complete and granular control over who they chose to allow to have visibility and access to various elements of their data in the Zahara Insight service. At any time, customers can add, modify and remove users from their account as well as immediately revoke any access by any user at their discretion by contacting email@example.com.
Customers have complete and granular control over who they chose to allow to have visibility and access to various elements of their data in the Zahara Insight service. At any time, customers can add, modify and remove users from their account as well as immediately revoke any access by any user at their discretion by contacting firstname.lastname@example.org. Customers can control and manage saved content including dashboards, keywords, data point (tag) metadata, ad-hoc charts and visualizations by contacting email@example.com.
Zahara Insight offers a set of REST based APIs that are secured using SSL/TLS encryption, that require proper and valid parametrization to limit scope and that require a level of authorization beyond the default standard user permissions.
External Security Audits
We continue to work with respected third-party professional application security monitoring and assessment experts on a regular and periodic basis in an effort to proactively identify any potential vulnerabilities so that we can quickly address those concerns and stay current with the ever changing cybersecurity landscape.
Continuous Monitoring and Security Assessments
We have in place various proactive monitoring and active security policies and procedures to identify abnormal behavior, catch anomalous activity, detect and isolate suspicious activity against or within our online solution. Examples include limitations on authentication requests, location based risk evaluations, size and growth of user activity, failed authentications, API rate requests and more.
Zahara Insight is designed to be a highly secure, scalable, robust and resilient managed service deployed across data centers in multiple locations.
Insight benefits from a highly committed team of people who continue to release non-disruptive updates on a frequent and consistent basis to maintain and elevate both the security and functionality of the offering.
Ensuring continued availability of our offering is outlined in our service level agreement (SLA) which can be referenced via our legal resources.
We believe in being as transparent as possible around the availability of our service and therefore encourage you to subscribe to our service dashboard to be proactively notified about any planned maintenance periods or unexpected disruptions.
For a complete list of our existing terms and conditions governing our cloud service, please visit our legal page.
To stay current on all recent activity surround our service, subscribe to our blog.
Policy On Customer Data Access for Support