ZUAR Corporate Policies

Overview

ZUAR Corporate Policy Overview

Data Retention

This page describes the ZUAR policy for maintaining customer data for hosted products. Data Retention During Product Subscription PeriodZuar products can house customer specific data in a database (typically PostgreSQL) and/or in

Company

Asset Management

ZUAR corporate policy is that all customer sensitive data is stored in a customer dedicated VPC location. No sensitive data live on ZUAR hardware.

Security

Encryption

ZUAR hosted systems are single tenet in design. Each tenet system is individually configurable and the overall security policy of a particular system is determined by this configuration. During transferAll sensitive data is

Security

Information Security Policy

The management of ZUAR Inc, a Delaware corporation, are committed to preserving the confidentiality, integrity and availability of all the physical and electronic information assets throughout their organization in order to preserve its

Company

Workplace Policies

Equal Employment Opportunity PolicyZuar provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin,

Company

Anti-Harassment and Complaint Procedure

ObjectiveZuar strives to create and maintain a work environment in which people are treated with dignity, decency and respect. The environment of the company should be characterized by mutual trust and the absence

Company

Bring Your Own Device (BYOD) Policy

ObjectiveThis policy establishes Zuar guidelines for employee use of personally owned electronic devices for work-related purposes. ScopeEmployees of Zuar may have the opportunity to use their personal electronic devices for work purposes. Personal

Company

Confidentiality and Inventions

ObjectiveThis policy summarizes Zuar employees’ responsibilities as they relate to confidentiality and inventions. The objective of the policy is to further the interests of Zuar and to permit Zuar to comply with its

Incident Response

The person who discovers the incident will call the grounds dispatch office. The known sources should be provided with a contact procedure and contact list. Sources requiring contact information shall be: a) JIRA

Customer

Product Support

The following outlines Zuar product support for customers with active product subscriptions. Support SiteCustomers have access to Zuar's support site: https://www.zuar.com/support On this site, customers can create and track

Development

Software Development Lifecycle (SDLC)

The Software Development Lifecycle (SDLC) consists of the following steps: Software design changes are documented in a JIRA Epic by the Senior Architect in charge of the project.Each epic is broken down

Security

Access Control Policy

This page describes the ZUAR policy for how employees authenticate to the network and systems. Access should be the least privileged (based on a need-to-know basis). This policy assigns access rights to employees

Security

Key Management

Key management strictly adheres to the OWASP guidelines Key AccessAll encryption keys must be protected in such a way that only authorized users and applications may access the keys. The media used to

Customer

Disaster Recovery

The Disaster Recovery plan for all Zuar products is to restore from a snapshot of the product image. Typical restore time is a matter of minutes once a restore/recovery is scheduled. This