Features and Functionalities for the Advanced Security Deployed Associated Service:

Last Modified: December 1, 2020

As of Subscriber’s execution of an Order Form that references Subscriber’s purchase of this Deployed Associated Service (“Add-On”), the features and functionality detailed below will be provided to Subscriber. Zendesk reserves the right, at its sole discretion, to update these Add-On features and functionality detailed below, but agrees that these Add-On features and functionality will not be materially decreased during the Subscription Term.

Zendesk provides the security features and functionalities set forth below (“Security Standards”). As detailed herein, certain Security Standards are only applicable to certain Zendesk Services unless Zendesk notifies You in writing to the contrary. Additional information about the security for third party integrations that Subscribers can enable within the Services can be found here. These Security Standards and the Add-On do not apply to the following aspects of the Services: functionality within Zendesk Support and Chat that integrates with third party messaging providers, Zendesk Connect, Zendesk Sunshine, Zendesk Sell, Zendesk Sunshine Conversations and Custom Objects, Custom Events, and Unified Profiles to the extent such functionality is available in Zendesk Support. If Subscriber purchases the Zendesk Support Suite or Sales Suite, the Add-On will apply to the underlying Services that make up the Zendesk Support Suite or Sales Suite, as applicable, that are covered by the Add-On.

If Subscriber has an existing Zendesk Support Account prior to the date of execution of the Order Form, Subscriber acknowledges and agrees that a copy of Subscriber’s Service Data may be created during the migration process to a location with these Security Standards for the purposes of assuring that all primary Service Data has been fully migrated. This assurance process conducted by Zendesk may take up to thirty (30) days from the date that the migration has commenced. After the migration process has been completed and confirmed, the deletion of the copy of Subscriber’s Zendesk Service Data in the former data center location will commence according to Zendesk’s data deletion policy available here.

  1. Risk Management.
    • An annual information security risk assessment is performed covering processes and information assets.
    • The risk assessment is conducted using an industry standard methodology (traditionally ISO 27002) to aid in identifying, measuring, and treating known risks.
    • When applicable, risk assessment results and risk mitigation suggestions are shared with the executive management team.
    • Risk assessment results specify risk rankings and, where necessary, may include proposed changes to systems, processes, policies, or tools in order to reduce security vulnerabilities and threats.
    • An annual audit of risk assessment results is performed by a qualified third party.
  2. Security Policy.
    • Policies, including those related to data privacy, security and acceptable use, are assessed and approved by senior management. Policies are documented and published to all relevant personnel.
    • Employees, contractors and third-party workers are required to comply with policies relevant to their scope of work.
    • New employees are required to receive “New Hire Training” which includes training modules on confidentiality obligations, information security, compliance, and data protection.
    • Upon engagement, new contractors and third-party workers who may have access to information systems and/or assets, are required to review and acknowledge receipt of “New Hire Training” security materials.
    • Employees are required to receive annual security training, which covers information security policies and data handling best practices/expectations, with attendance at security training being tracked to ensure receipt of relevant security information.
    • Where required, policies are supported by associated procedures, standards, and guidelines.
    • Information security policies are updated, as needed, to reflect changes to business objectives or risk.
    • Senior management performs an annual review of information security policies.
    • Employee guide/handbook and/or onboarding materials contain sections on password requirements, Internet usage, computer security, confidentiality, social media, and customer data protection.
  3. Organization of Information Security
    • Maintain a dedicated information security team, with security responsibilities shared across various business units.
    • A qualified third-party performs an annual audit of the information security program.
    • Confidentiality and non-disclosure agreements are required when sharing sensitive, proprietary personal or otherwise confidential information with a third-party.
    • A formal process is in place to manage third parties that will have access to organizational data, information systems, or data centers. All such third parties commit contractually to maintaining confidentiality of all confidential information.
  4. Asset Management.
    • Ownership assigned for all information assets.
    • Maintain an information assets classification policy and classify such assets in terms of their value, legal requirements, sensitivity, and criticality.
    • Employee desktops and laptops utilize encrypted storage.
    • Maintain a Data and Media Management Policy that covers the disposal of electronic assets and associated media.
  5. Human Resources Information Security.
    • Security roles and responsibilities for employees are defined and documented.
    • Background screening of applicants including job history, references, and criminal is conducted (subject to limitations imposed by applicable laws).
    • New employees are required to sign employment agreements, which include comprehensive non-disclosure and confidentiality commitments.
    • A formal information security awareness and training program is required and is included in new hire training, annual training, quarterly awareness testing, and annual developer secure code training.
    • Information security awareness is enhanced through regular communications using internal social media tools and company-wide emails, as necessary.
    • Maintain attendance records for formal security awareness training sessions.
    • Employees with responsibility for information security participate in additional training on security protection techniques, risks, and latest trends.
    • Human Resources department notifies Information Technology and Operations Teams of changes in employment status and employment termination.
    • Maintain a documented procedure for notification of Information Technology and Operations teams upon changes in employment status and employment termination (including notification, access modification, and asset collection).
    • New third party service providers whose services involve access to any confidential information go through a vendor assessment process and must agree contractually to data privacy and security commitments commensurate with their access and handling of confidential information.
    • The Master Subscription Agreement and Privacy Policy to which you are subject include provisions related to the sharing of data with third party service providers and their obligations to maintain the confidentiality of that data.
  6. Physical and Environmental Security for data centers and corporate facilities We use.
    • Physical security controls in all data centers utilized in providing the Service, including protection of facility perimeters using various access control measures (including biometric identification, supervised entry, 24/7/365 on-premise security teams, CCTV systems).
    • Access to data centers is limited to authorized employees or contractors only.
    • Controls are in place to protect against environmental hazards at all data centers.
    • All data center facilities have successfully been attested to SSAE 16, SOC 2 type 2, ISO 27001, or similar requirements.
    • Office space is secured from visitor access except for areas staffed by reception or security personnel. All elevators and additional access points are secured and require assigned badges to access.
  7. Communications and Operations Management.
    • The operation of systems and applications that support the Services is subject to documented operating procedures.
    • Operations team maintains standard server configurations. Systems are deployed and configured in a uniform manner using configuration management systems.
    • Maintain change control programs for Development, Operations, and Information Technology teams.
    • Separate environments are maintained to allow for the testing of changes.
    • Third-party access to systems is audited on a quarterly basis.
    • All production servers are monitored by a file integrity monitoring (FIM) solution to detect any changes to sensitive files and directories.
    • Maintain documented backup procedures. Full or incremental backups are performed daily for all production databases. Data backups are stored at an alternative location, encrypted at-rest, and retained for at least ninety (90) days. Following this, backups are destroyed pursuant to the then-current deletion policies in effect.
    • All systems and network devices are synchronized to a reliable and accurate time source via the “Network Time Protocol” (NTP).
    • All servers are configured to log authorized access, privileged operations (administrator actions), and unauthorized access attempts.
    • All servers are logging executed commands via the sudo utility.
    • Support service log files are transmitted to and stored in a separate log server to protect against modification or loss.
    • Company laptops, desktops, and corporate networks utilize tools to detect and block known malicious traffic.
    • Employ tooling or services to mitigate “Distributed Denial of Service” (DDoS) attacks.
    • Employ a dedicated network security team who identifies, validates, and triages security vulnerabilities found in the production environment.
    • Support service logs are reviewed and events are triggered by the Security Incident Event Management (SIEM) system. In order to maintain independence, the Information Security group administers the SIEM.
    • All event-alerting tools escalate into on-call rotations for Our 24×7 incident response teams, providing Operations, Network Engineering, and the Security teams with alerts, as needed.
  8. Access Controls
    • Maintain an “Acceptable Use” policy that outlines requirements for the use of user IDs and passwords.
    • Publish and maintain a password management standard.  

    For Zendesk Support, passwords must contain:

    • A minimum of 8 characters
    • Both upper and lower case characters (e.g., a-z, A-Z)
    • A number (0-9) and/or a special character (!@#$%^&*()_+|~-=\ {}[]:”;'?,./)
    • Passwords cannot contain the user ID, and must be different from user’s previous four passwords

    For Zendesk Chat, passwords must be at least 6 characters in length.

    For Zendesk Explore, passwords must contain:

    • A minimum of 8 characters
    • At least 1 number
    • At least 1 capital letter

    • All users are required to use a unique ID and SSH key for access to the production environment.
    • Generic accounts are prohibited for user access.  Access to the “root” account is restricted to Operations personnel deemed necessary.
    • All access to the back-end servers and network infrastructure requires 3 levels of authentication, including 2-factor VPN access to the network, SSH access to the bastion host, and SSH access to the individual servers or network devices.
    • All access controls are based on “least privilege” and “need to know” principles.  Different roles, including limited and administrative access, are used in the environment.
    • Upon notice of termination, all user access is removed. All critical system access is removed immediately upon notification.
    • User access is reviewed at least quarterly for appropriateness and accuracy.
  9. Information Systems Acquisition, Development, and Maintenance.
    • Product features are managed through a formalized product management process.  Security requirements are discussed and formulated during scoping and design discussions.
    • Maintain a “Sustaining Engineering” team whose primary responsibility is identifying and remediating bugs found in the Services.
    • Source code repositories for the Service are scanned regularly by a code quality tool. Any security issues are validated, risk ranked, and placed in a dedicated bug tracking system for remediation.
    • Secure code training (based off the OWASP Top 10 and/or materially similar frameworks) is conducted annually by the Security team.
    • Where possible, utilize native code language framework security controls to limit exposure to common application security risks, including cross-site scripting (XSS), cross-site request forgery (CSRF), and SQL injection (SQLi).
    • Maintain a QA Department dedicated to reviewing and testing application functionality and stability.
    • Employ a dedicated application security team who identifies, validates, and triages security vulnerabilities found in the code base. Perform third-party security audits using a variety of vendors.
    • Maintain a “Responsible Disclosure Policy” and operate a “Bug Bounty” program that provides an avenue for security researchers to submit vulnerabilities to the information security group for remediation.
    • Application source code is stored in a central repository. Access to source code is limited to authorized individuals only.
    • Changes to software are tested before production deployment. Deployment processes include unit testing at the source environment, as well as integration and functional testing within a test environment prior to implementation in production.
    • Change control procedures are followed for all system and software configuration changes. These controls include, at a minimum, a documented impact for each change, change review, testing of operational functionality, and back-out procedures.
    • Service Data is not used in testing environments.
    • Emergency fixes are pushed to production, as needed. Change management controls are retrospectively performed.
    • Service Data is stored in a shared database environment with other subscribers. Account identifiers are used to distinguish data for different subscribers. Application security controls limit a subscriber from being able to access another subscriber’s Service Data. Access to the shared database environment is limited to specific users.  All actions performed in the database are logged.
  10. Information Security Incident Management.
    • Maintain an incident response process that includes direct participation and cooperation between Support, Security, Legal and Operations teams.
    • Incident response process includes notification, escalation, and reporting. When required, subscriber notification is initiated through the applicable Service, Twitter notifications, reporting tickets, or direct email/phone communication to account contacts.
    • Maintain an incident response plan that is tested on a regular basis, at least annually.  The plan addresses specific incident response procedures, data backup procedures, roles and responsibilities, subscriber communication, contact strategies, and legal and shareholder information flow.
    • Maintain relationships with law enforcement to assist during incidents with criminal intent.
    • Maintain relationships with third-party vendors to assist with forensics and investigations, as necessary.
    • In the event Your Service Data has been involved in a Breach, unless ordered to refrain by law enforcement or government agency, You will be notified within twenty-four (24) hours of confirmation. The notification will come in the form of an email to the registered account owner. Should You wish to add or substitute a security contact, this may be added as a special contact during the contracting process.
  11. Business Continuity Management.
    • Utilize database replication architectures for redundancy.
    • Database backups are stored locally in data centers, as well as copied to a remote storage location. Remote backup archives are transferred using encrypted HTTPS and stored at-rest using encryption.
    • Redundant data center infrastructure is implemented to better support high availability across the entire system. Each key service layer includes redundant components that mitigate the impact of predictable failures, and also allow for capacity scaling as subscriber data and usage grow:
      • Utilize redundant edge infrastructure to alleviate single points of failure and allow for system upgrades.
      • Email, proxy, and application services will be deployed with fault tolerance in mind and designed to accommodate spikes in traffic.
      • Database services are configured into clustered groups that are comprised of a master database and multiple slave databases. This type of clustered deployment allows for failures as well as provides scaling and the ability to complete maintenance with a minimum of impact to ongoing operations.
  12. Zendesk Support Service Application Security Features.
    • Zendesk Support performs daily backups of Subscriber’s Service Data, to provide basic disaster recovery.
    • As an Add-On Subscriber, Subscriber will receive real-time data replication as well as priority cloud resiliency within Zendesk’s multiple Availability Zone AWS cloud environment.
    • Subscriber is assigned to a specific POD on Zendesk’s global AWS cloud platform, built in alignment with the AWS Disaster Recovery framework for high service resiliency and exceptional data durability.
    • Subscriber will also benefit from traffic prioritization and enjoy priority in Zendesk’s recovery plan over other subscribers who have not purchased an Add-On with enhanced disaster recovery commitments.
    • Further, the Zendesk infrastructure within each region is spread across two, and sometimes three, physically diverse data centers (“Availability Zones”) to provide increased redundancy. In the event of a significant issue impacting a data center, this structure allows Zendesk to recover within the surviving data center(s), and for traffic for the Add-On Subscribers to be prioritized over other subscribers who have not purchased the Add-On. Some additional information on recovery services applicable to Add-On Subscribers includes:
      • The secondary Availability Zones, along with AWS elastic scaling capabilities, provide for quick recovery of service, or in some cases, continuous operation.
      • Zendesk’s migration from a data center to an AWS cloud platform has enhanced the overall redundancy and recovery flexibility of the Services. Enhanced disaster recovery combines AWS Availability Zone redundancy with Our Cloudflare edge network capability to prioritize Add-On Subscriber traffic while additional capacity is restored for other subscribers.
    • Zendesk maintains a program of test activities and events to ensure that Our plans for priority recovery of the Services are effective. The scenarios for these exercises vary and test different elements of Zendesk’s business continuity and disaster recovery plans to validate the overall strength of the plan.

    12.1 Authentication.

    • Supports numerous user authentication methods including:
      • Native user authentication.
      • For Zendesk Support only, social media SSO (Google, Twitter, and Facebook).
      • For Zendesk Support only, enterprise SSO (SAML and JWT).
      • For Zendesk Support only, multi-factor authentication using Google’s 2-Step Verification.

    12.2 Authorization.

    • Depending on the Zendesk Support Service Plan selected, Zendesk supports various roles with differing privileges in the system for Support. The standard roles include: Administrator, Agent and End-User.
    • Depending on the Zendesk Chat Service Plan selected, Zendesk supports various roles with differing privileges in the system for Zendesk Chat only. The standard roles include: Visitor, Administrator and Agent.

    12.3 Password Controls.

    • Zendesk Support provides 3 levels of password controls along with configurable settings:
      • High:
        • Must be different than the previous 5 passwords;
        • Must be at least 6 characters;
        • Must include letters in mixed case and numbers;
        • Must include a character that is not a letter or number; and
        • Expires after 90 days.
      • Medium:
        • Must be at least 6 characters;
        • Must include letters in mixed case and numbers; and
        • Must include a character that is not a letter or number.
      • Low:
        • Must be at least 5 characters.
    • Subscriber passwords for the Services are protected with salted password hashing using industry recommended tools and algorithms.

    12.4 Network Controls.

    • TLS encryption for transmission of authentication credentials and Service Data over public networks when interacting with the UI and API.
    • TLS certificate hosting (may only apply to limited Zendesk Support Service Plan(s) as indicated on the Site).
    • IP restrictions to whitelist application entry locations (may only apply to limited Zendesk Support Service Plan(s) and Zendesk Chat Service Plan(s) as indicated on the Site).

    12.5 Encryption-at-Rest.

    • Service Data hosted by Us will be encrypted at rest using AES 256. Keys will be securely managed and transmitted by Us and/or the Sub Processor tasked with hosting Service Data.
    • The data encryption key itself is never accessible to any Zendesk employee, never stored at-rest unencrypted, nor transferred in the clear. It is only ever exposed in memory on systems directly performing cryptographic operations on the customer data at rest. Separate master keys and data encryption keys are used in production and staging environments.
    • Encryption-at-Rest restricts access to the encrypted data to processes, rather than users. To access the protected data, each process must be granted specific permission via the encryption agent on each host. To grant this permission, the encryption key must be provided.
    • The only processes granted permission to access the protected data are those used for operating Zendesk Services, and any supporting database administration proxies, automation, and diagnostic tooling. Any attempt by an unauthorized process to access the protected data will be logged and is auditable.

    12.6 Audit Logs.

    • Zendesk Support service audit log shows various account, user, business rule, and app changes. It also includes ticket deletion details.
    • Zendesk Chat service history tab shows various details associated with individual chats and user activity.

  13. Enhanced Disaster Recovery Features for Zendesk Support.

    • Active Service Data replication between data centers (Availability Zones within region) where Subscriber’s Service Data is hosted.
    • Target Recovery Time Objective (RTO) of 4 hours after a declaration of a disaster unless a disaster, or multiple disasters, impacts both data centers at the same time. RTO is the amount of time it takes for Zendesk Support to be restored from the point of Zendesk declaring the incident a disaster.
    • Recovery Point Objective (RPO) of 1 hour or less unless a disaster, or multiple disasters, impacts both data centers at the same time. RPO is the amount of data loss incurred from the incident and is calculated from the point of the disruption, not from Zendesk’s disaster declaration.