Your Security,
Our Priority

At Zamp, we understand the importance of security when it comes to handling financial data. We take our responsibility to protect your data very seriously and have implemented a number of security measures to ensure that your financial information is safe. Our security perimeter is air-tight, meaning that it is very difficult for unauthorized individuals to access your data. We also have a team of security experts who are constantly monitoring our systems for any potential threats.
In addition to our security measures, we also take a proactive approach to data protection. We regularly review our security policies and procedures to make sure that they are up-to-date and effective. We also work closely with our customers to ensure that they are aware of the latest security threats and best practices. We understand that you need to be able to focus on building your business, without having to worry about the security of your financial data. That's why we take care of it for you.

We maintain highest standards of security with SOC-2 & ISO/IEC 27001:2022 compliance.

Data-in-transit: All our communications at transit external or internal are done via secure and encrypted channels.
Data-at-rest: We use the Advanced Encryption Standard (AES) algorithm with a key size of 256 bits and with a unique and proper encryption key rotation policy for each customer.

data is secure on our platform. All the data you’ve uploaded can only be accessed by you.
At our network layer, we use Firewall to protect your data from all possible threats. In addition, we have other solutions to detect Virus and Malware on the host systems. These include IDS (Intrusion Detection System) and IPS (Intrusion Prevention System). All new vendors, assets and activities pertaining to processing financial data are subject to a review of privacy, security and compliance.

We follow left shift development practices, which means that we rigorously test our platform for security measures throughout the development process. By default, we use time-based authentication and a dual layer of security with multi-factor authentication (MFA) to ensure that your funds are always safe. We also collaborate with App Secure to ensure a strong application security perimeter. Finally, we perform detailed vendor risk assessments (TRAs) of all of our vendors to ensure that you are safe.

At Zamp, we have a proactive security approach wherein, we are constantly committed to secure our perimeter. We perform regular audits on the entirety of our platform and ensure that any security lapses are prioritized with immediate effect. In addition to that, we have security quality check gates in our deployment pipeline which enables us to be ahead of the curve.

We have incident response policies and procedures to address service availability, integrity, security, privacy and confidentiality issues.

Zamp takes data protection seriously. All data, including databases, storage buckets, logs, and message queues, are versioned and retained. In the event of data loss, we have hourly backups that we can use to restore the data immediately. All data suites are monitored and backed up constantly. All backup jobs have monitoring in place to ensure that they are running correctly. Finally, if a customer requests to have their data removed from our platform, we remove it immediately.

We invest in continuous security training for our employees, so they can identify and mitigate threats like social engineering, phishing scams, and hackers. Our engineering and product teams, who have access to customer data, are subject to criminal history and credit background checks. All employees sign a Privacy Safeguard Agreement, which outlines their responsibilities in protecting customer data.

We encourage ethical hackers to report any security vulnerabilities they find in our systems to us through our responsible disclosure policy.
Our policy can be found here.Ethical hackers who report vulnerabilities to us in accordance with our policy will be acknowledged and rewarded.
We also welcome ethical hackers to collaborate with us to help us strengthen our security perimeter.