Security for third party integrations Follow

Some great features that customers can enable in their Zendesk are detailed below and are provided via Zendesk’s integration with certain third party providers.  These features are integrated into Zendesk such that they are protected by our product security features, but each of these third party suppliers have their own infrastructure security and policies. The goal of this article is to provide further transparency into the security of these third parties.

Zendesk Voice

Zendesk integrates with Twilio for the provision of Zendesk Voice.

Physical Security

Twilio uses a secure physical facility with round-the-clock surveillance, multi-factor authentication, redundancy zones, and security logging, These factors are included not only in the Twilio infrastructure but Amazon Web Services (AWS), where the platform is hosted. AWS complies with AICPA SysTrust, ISO 27001, and other leading physical security frameworks.

Network Security

Twilio employs best practices for network security, protecting customer data from application to the platform to thousands of carrier connections around the world. Preventative measures include network firewalls, denial-of-service (DoS), distributed DoS prevention, and network posture assessment.

Data Protection

Twilio uses HTTPS-encrypted communication, strong TwiML URL password protection, role-based authorization, and validation of all outbound requests to applications keep Twilio-powered apps protected and available.

Availability and Continuity

Twilio is built on a software-based infrastructure and distributed systems, Twilio's platform will run all internal and customer communications. The platform handles concurrency, fast failover, and outage proofing that make hosting voice and messaging less complicated.

Compliance Certifications and Memberships

Self-Certified under US-EU and US-Swiss Safe Harbor Frameworks

Other

Twilio regularly scans their systems for security vulnerabilities and performs third-party penetration tests several times a year. All access to Twilio production clusters is restricted to Twilio engineers, and is regularly logged and audited.  

Twilio has entered into a Data Processing Agreement with Zendesk to ensure compliance with applicable data privacy regulations relating to personal information.

Read about Twilio’s platform security for the most up-to-date security information.

Insights

Zendesk partners with GoodData for the provision of its analytics, known as Insights.

Physical Security

GoodData utilises enterprise-class SSAE 16 SOC2 Type II audited and ISO 27001 certified facilities that include 24/7/365 managed security and physical access control.

Network Security

Dedicated network and hardware is secured by an industry-grade firewall and network security zones.

Data Protection

The GoodData Platform reliably secures all key areas, and ensures that all data remains confidential, available and backed up for governance and disaster recovery purposes. Security zones are defined and implemented with specific enforcements, such as protocol enforcement, intrusion detection, and monitoring, while the complete GoodData Platform is subjected to regular penetration testing. Customer data is both isolated and encrypted in transport as well as at rest to further enhance its defense.

Availability and Continuity

GoodData runs its analytical platform as thousands of granular analytical services in multiple datacenters, so that the GoodData Platform remains up and running even in case of datacenter level performance degradations and outages. GoodData guarantees Zendesk a 99.5 percent uptime SLA which translates to only a little more than three hours of downtime per month. And, to promote complete transparency, GoodData publishes its SLA history.

Compliance Certifications and Memberships

SOC2 Type II Report
TRUSTe® Privacy Seal
Certified under US-EU and US-Swiss Safe Harbor Frameworks
Certified Enterprise-Ready by Skyhigh CloudTrust Program

Other

GoodData proactively monitors the platform and all of its underlying operating components for security incidents, including alert notifications generated by GoodData systems, industry and open source alerts, and community alerts. GoodData employs a dedicated 3-level support team in 24x7 on-duty mode who are trained to provide systematic and efficient response to incidents including security and availability issues.  

GoodData has entered into a Data Processing Agreement to ensure compliance with applicable data privacy regulations relating to personal information and a Business Associate Agreement to support our subscribers subject to HIPAA.

Read about GoodData’s security for the most up-to-date security information.

 

Have more questions? Submit a request

Please sign in to leave a comment.

Powered by Zendesk