Security and Data Protection

We understand the importance of securing your data and intellectual property—which is why we have built a comprehensive security management framework that enables us to handle your most sensitive information. Zibal has started the process of bringing its corporate Information Security Management System to compliance with ISO/IEC 27001:2013, with the aim of achieving official certification of compliance with the standard.

Intellectual Property Protection:
All Zibal personnel and affiliates having access to proprietary client information (data, documentation, software etc.) are contractually committed to protect that information. Under these agreements, our staff must keep confidential all work-related information, data, software, and documents and surrender all such materials upon termination of service engagement to the employer.

Information Security:
The Zibal information security policy determines acceptable use of all data and equipment owned by Zibal , our partners, and our customers. The building blocks of the Zibal information security policy are:

Control over access to data, resources and equipment, including Zibal premises
Ongoing interactions with customers regarding security requirements and issues
Effective business continuity planning, which ensures uninterrupted performance of business-critical processes

Personnel Security:
Zibal fully realizes human behavior is often the most important factor in preventing data breaches. Ongoing training ensures that all employees understand information security threats and are capable of effectively applying Zibal ’s policies.

Product Security:
Zibal aims at ensuring security and safety of the software products and program code we create or take part in. Product security process has been developed, implemented and is now being maintained and evolved corporate-wide.

Product security is management of security and safety of the software products throughout their lifecycle, which includes:
These activities result in product security risk management and treatment plans, unique for each project.
Corporate Product Security process development presumes deep systematic work of every Business Unit on the analysis of threats and vulnerabilities of software products and program code, study of industry standards and best practices to follow, gaining profound knowledge and competence in this sphere, corporate education.