Ensure that only the right people have access to your company’s information in Dozuki with features like single sign-on, IP whitelisting, auto-logout and more.
Security is built into the fabric of our product, processes, and infrastructure so you can rest easy knowing your proprietary data is safe and always available when you need it.
Dozuki takes extensive measures to: protect your proprietary data, maximize availability through redundancy, and provide systems that meet the most stringent administrative, technical, and physical security requirements.
Our state-of-the art network is located in a secure data center. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means.
Our servers run on a peer-audited, Linux-based open source stack. We update our servers frequently with the latest patches and run our entire network behind enterprise-grade firewalls. Our servers are scanned regularly by an independent third party security vendor.
Dozuki can be hosted in different ways to meet your unique technical requirements: hosted in our Dozuki Cloud, in your own private cloud, or on your own local servers. Hosting Dozuki on your own servers gives you the ability to run Dozuki in an air-gapped environment to meet even the most strict network security policies.
We're fanatical about uptime. All servers have always-on backups. If one system goes down, another automatically replaces it. Data stored on Dozuki is redundantly housed in multiple physical locations and is frequently backed up using different location points.
All data on Dozuki sites is encrypted at-rest using the Advanced Encryption Standard (AES) and in-transit security between your browser and our servers is always encrypted end-to-end by Secure Sockets Layer (SSL).
Yes. Dozuki’s secure API makes it easy to integrate with other systems. View our full API documentation here.
Yes. You can leverage Single Sign-On (SSO) which will allow your users to sign-in using your company’s existing authentication system. View our SSO documentation here. Keep in mind, if you use SSO, we do not store or have access to user passwords for support purposes.
Yes. You can specify a time after which your users will automatically be logged out.
Dozuki can help you with achieving compliance with ISO, ITAR, AS, FDA 21 CFR, and many others. If there are specific certifications you are looking to achieve or maintain, please contact us for more information on how we can help.
You do. Dozuki has no ownership over your site’s content.
No. We only request access in extremely rare instances of critical bug fixes and will always ask your permission first.
Yes. Backups occur automatically, roughly every 15 minutes.
If you decide to discontinue use of Dozuki, after 30 days we will securely delete and wipe any data kept in your site. Upon request we will provide you with a standardized oManual (http://omanual.org, IEEE standard 1874) export of all of your site’s content.
We maintain backup copies dating back two years.
Amazon Web Services (AWS) EC2.
AWS’ cloud infrastructure is designed and managed to comply with the strictest regulations, standards, and best-practices including:
For additional information on AWS:
Yes. Your Dozuki instance can be hosted on ITAR compliant servers, as approved by the Department of Defense (DoD).
All passwords, credentials, and payment information are encrypted; we never store these in plain text.
Over the previous 365 days, Dozuki has experienced 99.999% uptime.
Yes. If due to compliance requirements your systems must pass validation when updates are released, both our OnPrem and CloudPrem solutions support validation.
Yes. To offload the validation burden from our customers Dozuki provides validation services for our CloudPrem and OnPrem subscribers.
Dozuki provides a complete validation package for each release, including a validation project plan, requirements documents, a test protocol, Infrastructure Qualification (IQ), Operational Qualification (OQ), traceability matrices, and a validation summary report.