Security at Dozuki

Enterprise-Grade Data Security

Trust Dozuki to keep your data secure and meet compliance requirements

Security is built into the fabric of our product, processes, and infrastructure so you can rest easy knowing your proprietary data is safe and always available when you need it.

Dozuki takes extensive measures to protect your proprietary data, maximize availability through redundancy, and provide systems that meet the most stringent administrative, technical, and physical security requirements.

SOC 2 Type 1 Compliant

Dozuki is compliant with Service Organization Control (SOC) 2 Type 1 from AICPA.

Our full SOC 2 Type 1 report is available (under NDA) to our existing and potential customers. Please contact your Account Manager directly or submit a request to our security team here.

Access Controls

Ensure that only the right people have access to your company’s information in Dozuki with features like single sign-on, IP whitelisting, auto-logout and more.

Private Hosting

The option to host Dozuki on your own servers gives you full control over required security and update protocols. Leveraging your own hardware also allows you to run air-gapped, without an internet connection.

Data Protection

Information is backed up multiple times daily and stored remotely, while 256-bit data encryption in-transit and at-rest adds additional layers of protection.

Secure Physical Infrastructure

Our state-of-the-art network is located in a secure data center. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means.

Secure Servers, Top to Bottom

Our servers run on a peer-audited, Linux-based open source stack. We update our servers frequently with the latest patches and run our entire network behind enterprise-grade firewalls. Our servers are scanned regularly by an independent third-party security vendor.

Flexible Hosting

Dozuki can be hosted in different ways to meet your unique technical requirements: hosted in our Dozuki Cloud, in your own private cloud, or on your own local servers. Hosting Dozuki on your own servers gives you the ability to run Dozuki in an air-gapped environment to meet even the most strict network security policies.

Data Redundancy

We're fanatical about uptime. All servers have always-on backups. If one system goes down, another automatically replaces it. Data stored on Dozuki is redundantly housed in multiple physical locations and is frequently backed up using different location points.

Data Security

All data on Dozuki sites is encrypted at-rest using the Advanced Encryption Standard (AES), and traffic in transit between your browser and our servers is always encrypted end-to-end by Secure Sockets Layer (SSL).

Frequently Asked Questions

Application Security

Data Control

Hosting and Infrastructure

  • What servers do you host Dozuki on?

    Amazon Web Services (AWS) EC2.

    • US West Region
    • US East Region

    AWS’ cloud infrastructure is designed and managed to comply with the strictest regulations, standards, and best practices including:

    • HIPAA
    • ITAR
    • FIPS 140-2
    • ISO 27001
    • SOC 1/SSAE 16/ISAE 3402 (formerly SAS70)
    • SOC 2
    • SOC 3
    • PCI DSS
    • Level 1 FedRAMP(SM)
    • DIACAP and FISMA
    • CSA
    • MPAA

    For additional information on AWS:

  • Can Dozuki be hosted on ITAR compliant servers?

    Yes. Your Dozuki instance can be hosted on ITAR compliant servers, as approved by the Department of Defense (DoD).

  • What types of encryption does Dozuki use?

    At-rest data encryption on Dozuki sites varies depending on the installation type you are using:
    • Standard Dozuki-hosted sites: 128-bit AES encryption.
    • CloudPrem customers: 256-bit AES encryption.
    • OnPrem customers: the encryption method is your choice.

    All passwords, credentials, and payment information are encrypted; we never store these in plain text.

    • Passwords are encrypted with bcrypt, and each one has a unique salt.
    • Third-party keys are encrypted using AES-128-CBC and contain a SHA256 HMAC to verify the ciphertext's integrity.
    • Payment information is encrypted with 3DES-ECB.
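
An added example (not Dozuki's code) of the encrypt-then-MAC pattern the third-party key bullet describes: AES-128-CBC encryption with an HMAC-SHA256 tag that is checked before any decryption. The blob layout, the separate MAC key, and the function names are assumptions made here for illustration.

```javascript
const { createCipheriv, createDecipheriv, createHmac,
        randomBytes, timingSafeEqual } = require('crypto');

const IV_LEN = 16, TAG_LEN = 32, BLOCK = 16;

// Encrypt with AES-128-CBC, then authenticate IV || ciphertext with HMAC-SHA256.
// Assumed layout of the stored blob: IV(16) | ciphertext | tag(32).
function sealSecret(plaintext, encKey, macKey) {
  const iv = randomBytes(IV_LEN); // fresh random IV for every message
  const cipher = createCipheriv('aes-128-cbc', encKey, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = createHmac('sha256', macKey).update(iv).update(ct).digest();
  return Buffer.concat([iv, ct, tag]);
}

// Verify the tag in constant time BEFORE decrypting; return null on any failure,
// so a modified blob never reaches the CBC padding check.
function openSecret(blob, encKey, macKey) {
  const ctLen = blob.length - IV_LEN - TAG_LEN;
  if (ctLen < BLOCK || ctLen % BLOCK !== 0) return null; // malformed length
  const iv = blob.subarray(0, IV_LEN);
  const ct = blob.subarray(IV_LEN, IV_LEN + ctLen);
  const tag = blob.subarray(IV_LEN + ctLen);
  const expected = createHmac('sha256', macKey).update(iv).update(ct).digest();
  if (!timingSafeEqual(tag, expected)) return null;      // integrity check failed
  const decipher = createDecipheriv('aes-128-cbc', encKey, iv);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// Constructed demo values: random keys and a made-up secret string.
function demo() {
  const encKey = randomBytes(16); // AES-128 key
  const macKey = randomBytes(32); // independent HMAC key
  const blob = sealSecret('sk_example_constructed_value', encKey, macKey);
  const tampered = Buffer.from(blob);
  tampered[20] ^= 0x01;           // flip one bit inside the ciphertext
  return {
    roundTrip: openSecret(blob, encKey, macKey),
    tamperedResult: openSecret(tampered, encKey, macKey),
    wrongMacKey: openSecret(blob, encKey, randomBytes(32)),
  };
}
```
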
  • What kind of firewalls does Dozuki use?

    • AWS Security Groups and Access Control Lists allow us to keep only a very small number of ports open on the small number of machines that need to be accessed externally. View the AWS documentation for more information.
    • In order to handle large amounts of traffic faster, we dynamically inspect all traffic by caching results directly instead of having to make multiple calls for each user loading a page.
    • We also deploy numerous monitoring systems which directly alert our response teams at the earliest sign of an issue.
  • What kind of support does Dozuki provide?

    • Standard customer support hours are Monday-Friday 8:00AM - 6:00PM PDT.
    • Extended customer support is available for our Enterprise subscribers.
  • What is your level of availability?

    Over the previous 365 days, Dozuki has experienced 99.999% uptime.

  • What browsers do you support?

    • Chrome
    • Firefox
    • Internet Explorer 11
    • Edge
    • Opera
    • Safari

System Validation

Have more questions about security in Dozuki, or want to learn more about how Dozuki can help your company?

Get a Virtual Tour