Data Security

Last updated: December 19, 2025

1. Security Overview

PropZura is built with a security-first mindset. We combine layered defenses, continuous monitoring, and strict operational controls to safeguard customer data throughout its lifecycle.

2. Encryption

  • TLS 1.2+ for data in transit across all endpoints.
  • Encryption at rest using industry-standard ciphers for databases and backups.
  • Key management with restricted access and rotation policies.

3. Identity & Access Management

  • Role-based access control with least-privilege defaults.
  • MFA enforcement for administrative access.
  • Access reviews, approvals, and revocations tracked and audited.

4. Infrastructure & Network Security

  • Segmented networks and private subnets for sensitive services.
  • WAF and DDoS protections on public-facing endpoints.
  • Hardened OS images, patch management, and configuration baselines.

5. Application Security

  • Secure SDLC with code reviews and automated dependency scanning.
  • Static and dynamic application security testing in CI/CD.
  • Secrets management and environment isolation for staging and production.

6. Logging & Monitoring

  • Centralized logging with retention policies and access controls.
  • 24/7 alerting for anomalous activity and critical events.
  • Audit trails for administrative actions and authentication events.

7. Data Management

  • Backups with tested restore procedures and defined RPO/RTO targets.
  • Data minimization and logical segregation of customer data.
  • Retention policies aligned to business and regulatory needs.

8. Incident Response

We maintain an incident response plan covering detection, containment, eradication, recovery, and post-incident review. Customers will be notified of material incidents in accordance with applicable laws and contractual commitments.

9. Vendor & Third-Party Management

  • Due diligence on security posture of critical vendors.
  • Data processing agreements where required.
  • Continuous monitoring for changes that could impact risk.

10. Customer Responsibilities

  • Protect login credentials and enforce MFA for your users.
  • Configure access controls and sharing settings appropriate to your organization.
  • Keep endpoint devices patched and protected.

11. Compliance & Assurance

We align our practices to industry best standards and will provide security documentation or attestations under NDA where appropriate.

12. Contact

PropZura Security Team

Email: security@propzura.com

Support: support@propzura.com

For urgent security matters, include "Security" in the subject line.