https://zafin.com/wp-content/uploads/2020/07/Transparency-and-governance.svg

Transparency & Governance

  • All elements of a bank’s instance that might impact performance, availability or security are periodically tested with results automatically recorded. This includes third-party external penetration and intrusion detection tests to ensure the ongoing inviolability of Zafin’s subscriber infrastructure.
  •  Inbound event streams are inspected for unique events as well as patterns that might indicate a security risk. All events and patterns are immediately escalated for forensic examination and audit evaluation.
  •  Zafin’s operating environment and deployment models ensure clients have ready access to the information they require to support forensics, insider activity monitoring, data handling, process transparency, audit and governance.

https://zafin.com/wp-content/uploads/2020/07/User-monitoring.svg

User Monitoring

  • Zafin’s operating environment and deployment models ensure clients have ready access to the information they require to support forensics, insider activity monitoring, data handling, process transparency, audit and governance.
  • Zafin employees have no access whatsoever to bank systems or data unless similarly authorized on a limited-time basis.

https://zafin.com/wp-content/uploads/2020/07/Audit.svg

Audit

  •  All pertinent data relating to a bank’s SaaS instance, including trouble tickets, access assignments, VPN access and executed commands, are logged, retained and provisioned for forensic and audit purposes.

To ensure Zafin’s cloud-based SaaS has durability, consistency, security and traceability equal to or better than existing bank applications, Zafin has implemented the following:

https://zafin.com/wp-content/uploads/2020/07/Global-reach.svg

Global reach plus local footprint

Leveraging the global reach of our cloud service providers, we ensure each client’s instance is located as close as possible to the bank’s network, and all bank data remains within the proper jurisdiction.

https://zafin.com/wp-content/uploads/2020/07/Shared-nothing.svg

Shared nothing environment

Zafin provides each client with a dedicated environment. Clients do not share data or any aspect of the application. We use constant replication to geographically separate regions for disaster recovery purposes and integrated automated deployment pipelines with rolling upgrades to ensure no downtime.

https://zafin.com/wp-content/uploads/2020/07/Standardized-specifications-and-APIs.svg

Standardized specifications and APIs

Zafin offers a range of standardized integration patterns, including powerful, well-documented REST APIs and batch-based flat files.

https://zafin.com/wp-content/uploads/2020/07/Technology.svg

Managed environments

Zafin manages its environments to ensure clients have a secure, high-performance stack. Incident management and resolution are supported by a rigorous monitoring program plus automated alerts. Environments are regularly tested to ensure resilience in disaster recovery scenarios.

https://zafin.com/wp-content/uploads/2020/07/Incident-management.svg

Incident management

We supplement our standard uptime SLAs with 24×7 dedicated support for critical and security incidents.

https://zafin.com/wp-content/uploads/2020/07/SOC2.svg

SOC 2 Type 2 compliance

To safeguard customer data, Zafin has implemented robust controls based on the SOC 2 trust principles of security and availability. Each year, we are SOC 2 Type 2 certified by an external auditor.

https://zafin.com/wp-content/uploads/2020/07/Database-backup.svg

Database backups

Periodically, we implement database backups and ability rollbacks to protect against data losses and smooth any potential business continuity issues that might arise due to data issues.

https://zafin.com/wp-content/uploads/2020/07/Environments.svg

Environments

Multiple environments are provisioned on demand for testing and integration purposes.

https://zafin.com/wp-content/uploads/2020/07/Scalability.svg

Scalability

All infrastructure is designed for horizontal scalability for immediate response to client demand.