Last updated: April 2, 2026
Inzata maintains a comprehensive information security program designed to protect the confidentiality, integrity, and availability of customer data. Our program is aligned with industry standards including SOC 2, ISO 27001, and NIST frameworks.
All customer data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Data is stored in SOC 2 compliant data centers with redundant backups and disaster recovery capabilities.
We implement role-based access control (RBAC) with the principle of least privilege. All access to production systems requires multi-factor authentication. Access reviews are conducted quarterly.
Our incident response plan includes detection, containment, eradication, and recovery procedures. Customers are notified of security incidents that affect their data within 72 hours in accordance with applicable regulations.
Regular vulnerability scans and third-party penetration tests are conducted. Critical vulnerabilities are remediated within 24 hours, and high-severity issues within 7 days.
All employees undergo background checks and complete security awareness training annually. Access to customer data is restricted to employees who require it for their job functions.
Our infrastructure is hosted in enterprise-grade cloud environments with physical security controls, network segmentation, intrusion detection systems, and continuous monitoring.
For security inquiries or to report a vulnerability, please contact our security team at security@inzata.com.