We know your employee data is essential and needs to be protected no matter where it resides. That’s why Kazoo has adopted the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) including standards, guidelines, and best practices to manage cybersecurity-related risk. Our controls are designed to meet the requirements for System and Organization Controls (SOC) reporting, leveraging both NIST and International Organization for Standardization (ISO) 27001.
We don’t just talk a good game. We test our adherence to available industry standards. Kazoo has achieved SOC 2 attestation, governed by the American Institute of CPAs (AICPA). The SOC 2 examination is performed by an independent accounting firm and demonstrates our ability to meet the AICPA Trust Services Category for Security.
An integral part of safeguarding your employee information is a focus on a healthy culture of security and privacy awareness throughout Kazoo. All employees complete an annual security training program and employ best practices when handling our customers’ data.
Kazoo’s Data Privacy Program is aligned with the requirements of GDPR and monitors the data protection landscape across various relevant jurisdictions, as well as laws at the national and state levels. We comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Our service is regularly audited to ensure compliance with relevant laws and regulations.
Customer information is encrypted during transmission and at rest, in the production environment and in backups, using industry-standard protocols. The Kazoo platform is securely designed to provide customers with various features (e.g. Single Sign-On) to configure the logical security of their users’ environment in accordance with customer security policies.