SERVICE ORGANIZATION CONTROL 2(SO2)
Reports on various organizational controls related to security, availability, processing integrity, confidentiality or privacy. The standard for regulating these.
Is an information security standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee. ISO/IEC 27001 specifies a management system that is intended to bring information security under management control and gives specific requirements. Organizations that meet the requirements may be certified by an accredited certification body following successful completion of an audit.
GENERAL DATA PROTECTION REGULATION (GDPR)
Seeks to create a harmonized data protection law framework across the European Union (EU) and aims to give citizens back the control of their personal data, whilst imposing strict rules on those hosting and "processing" this data, anywhere in the world.
CRM IS NOT PAYMENT CARD INDUSTRY (PCI) COMPLIANT
PCI compliance is adherence to a set of specific security standards that were developed to protect credit card information during and after a financial transaction. PCI compliance is required by all credit card brands. HOWEVER, with the new encrypted custom fields feature private fields (such as Social Security and Driver’s License Numbers) can be stored securely in CRM.
ALL ZOHO FINANCIAL APPLICATIONS ARE PCI COMPLIANT
i.e. Zoho Books, Invoice, Inventory, Subscription etc. However, CRM is NOT.
Is CSA certified. Certified Senders Alliance (CSA) is a quality certification for mailbox service providers like Zoho Campaigns and it adds more value to the brand, making them enter the trusted senders league. With Zoho Campaigns, there'll be:
o A professional and certified way of email marketing.
o A visible increase in the email open rates.
o An improvement in email deliverability with whitelistedIPs.
o Inbox placement for emails—this means, emails will be directly delivered to recipients' inboxes (for a few major ISPs).
o Protection against any legal risk.