Security & compliance
Committed to Robust Data Security and GDPR Compliance
At Izix, we take data security and GDPR compliance as seriously as you do. Our enterprise clients trust us to maintain the highest standards in data protection and privacy. This page outlines the key elements of our security framework, so you can be confident that your data is safe, secure, and handled with the utmost care.
Data Center & Network Security
- State-of-the-Art Facilities: Our servers are hosted on AWS within SOC 2 Type II and ISO 27001-certified data centers located in the EU. Facilities are designed for resilience with redundant power systems and secure, no-access policies for hosting providers.
- Strict Physical Security: Both our data centers and office facilities are protected by multi-level security, including 24/7 security personnel, biometric access, and CCTV surveillance.
- Continuous Monitoring: Automated monitoring systems alert our teams to any issues, and our data center providers ensure physical security and connectivity.
- Network Architecture: Our network is safeguarded by multiple firewalls, HTTPS, intrusion detection systems (IDS), and segregated security zones. Sensitive databases are housed in trusted zones with no public access.
- Routine Penetration Testing: We conduct third-party penetration tests annually, with regular internal audits and access control.
Encryption & Data Protection
- End-to-End Encryption: Data in transit between you and Izix servers is secured via HTTPS and TLS 1.2/1.3 using AES-256 encryption, while data at rest is encrypted using the same industry-standard AES-256 algorithm.
- Access Control: Access to our network is restricted to those with a proven need, using multiple authentication factors and continuous audit logs.
- Availability & Continuity: With redundancy and disaster recovery plans in place, your data is continuously backed up across geographically distinct locations, ensuring availability and rapid recovery in case of disaster.
Application Security & Development Practices
- Secure Development Training: Our engineers are trained on OWASP Top 10 security risks and regularly practice secure coding standards.
- CI/CD Deployment Process: Our Continuous Integration and Deployment (CI/CD) pipeline includes security testing, automated compliance checks, and rollback capabilities, ensuring that updates are both secure and quality-controlled.
- Code Analysis & Penetration Testing: Static code analysis is a regular part of our development process, and we conduct annual third-party security assessments.
Product Security Features
- Secure Authentication Options: Izix offers a variety of secure authentication methods, including SSO with SAML 2.0, OAuth 2.0, and password encryption, allowing compatibility with most enterprise portals.
- API Security: Our APIs are SSL-only, supporting OAuth 2.0 for authentication, and are accessible only to verified users with appropriate authorization.
- Data Segregation & Retention Policies: Izix enforces strict data isolation and segmentation, ensuring that each customer's data is protected. Automated data retention policies support GDPR compliance, enabling timely data deletion.
- Audit Trail & Prevention of Code Injections: Izix maintains audit trails for critical actions, with measures in place to prevent JavaScript injections through secure coding practices and strict content security policies.
Compliance & Certifications
- GDPR Compliance: Izix is fully compliant with GDPR. Our privacy policies and data processing agreements ensure complete transparency and control over personal data.
- Top-Rated Security: Our A rating from SecurityScorecard highlights our commitment to robust cybersecurity, and we adhere to strict TLS/SSL standards for secure data transfer.
Comprehensive Security Policies & Personnel Practices
- Employee Background Checks: All new hires undergo background checks, and all employees sign Non-Disclosure and Confidentiality Agreements as part of our onboarding process.
- Access Policies: Access rights are granted only after training and are promptly revoked upon employee departure, ensuring data remains secure even after personnel changes.
- Security Policies & Training: Izix has developed a comprehensive set of security policies shared with employees and contractors, ensuring alignment with the latest in security best practices.
Discover How Izix Ensures Your Data Stays Secure
Learn how Izix's robust security framework and GDPR-compliant practices protect your data while enabling seamless parking management.
Book a DemoFAQs
How does Izix ensure GDPR compliance?
What security measures does Izix implement to protect my data?
How does Izix handle third-party penetration testing?
Can Izix integrate with our enterprise authentication systems?
