EZO’s Approach to Security
CSA STAR Level 1
EZO is CSA STAR Level 1 certified. The Security, Trust, Assurance, and Risk (STAR) Registry is a publicly accessible registry that documents the security and privacy controls provided by cloud computing offerings. STAR encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in the Cloud Controls Matrix (CCM). As part of the CSA STAR Registry, we can show current and potential customers our full security and compliance posture, including the regulations, standards, and frameworks that we adhere to. To view our STAR registry listing, click here.
SOC 2 Compliance
We are Service Organization Controls (SOC) 2 compliant, based on an audit against the Trust Services Principles and Criteria (TSP) of the American Institute of Chartered Public Accountants (AICPA). The AICPA SOC 2 Type 2 report gives assurance with regards to the security, availability, processing integrity, confidentiality, and privacy of information and data systems directly owned, managed and controlled by EZO. Additionally, SOC 2 compliance ensures transparency and provides a level of trust to our customers on security controls implemented to safeguard customer data on all control environments pertaining to retrieval, storage, processing, and transfer of data. To request EZO’s SOC 2 Type 2 report, please reach out to support@ezo.io.
ISO 27001 Certification
EZO is certified by Resource Inspection Canada Incorporated (RICI) for ISO/IEC 27001 compliance. RICI is a Certification Body associated with the International Accreditation Service (IAS) in the US and is geared towards exceeding customer satisfaction in the fields of ISO Management Training, Auditing, Inspections, Testing, and Certification. The ISO/IEC 27001 is one of the most widely acknowledged information security standards worldwide, outlining best practices to secure the confidentiality, integrity, and availability of information in a company. ISO/IEC 27001 outlines and provides the requirements for an information security management system (ISMS), specifies a set of best industry practices, and details the security controls that can help manage information risks. As an ISO 27001 certified company, EZO is able to easily detect, monitor, and eliminate any potential information security risks - particularly as they relate to rental management, access control, and classification policies. To request EZO’s ISO certification, please reach out to support@ezo.io.
TX RAMP Level 1
EZO is certified by the Texas Department of Information Resources for TX RAMP Level 1.The Texas Risk and Authorization Management Program provides a standardized approach for security assessment, certification, and continuous monitoring of cloud computing services that process the data of Texas state agencies. To request EZO’s TX RAMP certification, please reach out to support@ezo.io.
Hosted on Amazon Web Services
All EZO Products are hosted on Amazon Web Services (AWS). The AWS is ranked as one of the world’s best cloud computing services and stores information of some of the largest global enterprises. To this end, it has robust controls in place to ensure security and data protection in the cloud. The AWS IT infrastructure is therefore developed and managed in agreement with security best practices and a variety of IT security standards. For an overview of the security processes in place at AWS, read more about AWS Security Whitepapers here
EZO’s Commitment to Security
EZO continues to make data security a priority by ensuring that industry standards and best security practices are followed. The EZO Security Team diligently works towards protecting the confidentiality, integrity, and availability of our customers’ data on the web application. Our adherence and compliance with ISO 27001 and SOC 2 Type 2 is a testament to our commitment towards Information Security. For any questions or queries related to Security please reach out to us via email at support@ezo.io.
