Legal
System Access & Authentication Policy
Who is allowed access to Zerix systems and databases, and the controls in place to enforce least privilege.
Last updated: 1 October 2025
Access to Zerix systems and databases is strictly limited to authorised personnel.
Controls
- Two-Factor Authentication (2FA) for all admin and developer accounts.
- Principle of least privilege for database and API access.
- Automatic session timeouts and credential rotation every 90 days.
- Role-Based Access Control (RBAC) for all users and tenants.
User accounts are deactivated within 24 hours of employment or contract termination.