The security and protection of your data is of the utmost importance to Zeuss. We employ the latest standard sof encryption technology and security procedures to provide ironclad protection of your data.
When you enter sensitive information (such as your email account information), Zeuss may collect your email metadata, email content, contacts, and/or calendar in order to perform required analysis for your account. Your email account password, Zeuss account password, contents of your emails, contacts, and calendar are not visible to Zeuss employees nor anyone else without your express written consent. (For data privacy for enterprise accounts, see bottom of page).
Zeuss takes great steps to protect this information, and has the following security measures in place:
Application and User Security:
- User Authentication: User data on our database is logically segregated by account-based access rules. User accounts have unique usernames and passwords that must be entered each time a user logs on. Zeuss issues a session cookie only to record encrypted authentication information for the duration of a specific session. The session cookie does not include the password of the user.
- User Passwords: User application passwords have minimum complexity requirements. Passwords are individually salted and hashed.
- OAuth: Zeuss may use a technology called OAuth if you use Google gmail. The password that you enter is not visible to Zeuss since the login page is controlled completely by Google. Once Google verifies your credentials, you are then given the choice by Google to allow/deny Zeuss access to your email data. By default, once you authorize Zeuss via OAuth, the next time you log in to use it Google will avoid asking your permission again.
- SSL Encryption: We encrypt the transmission of all information using secure socket layer technology (SSL). We follow generally accepted standards to protect the information submitted to us, both during transmission and once we receive it.
Data Center Security:
- SSAE 16 Type II SOC1 and SOC2 certification.
- PCI Data Security Standard certification.
- Physical site monitoring and recording using CCTV.
- Multiple two-factor electronic and biometric authentication.
- Staffed 24x7x365 by security officers.
- Visitors & Equipment are screened upon entry.
- Power: Primary & Backup Systems including UPS and Generators (minimum N+1 Redundancy).
- Cooling: Robust HVAC system provides stable airflow, temperature and humidity (minimum N+1 redundancy).
- Flood Control: Structure is built above sea level with flood monitoring and control systems.
- Fire Detection and Suppression: Multi-zoned, pre-action fire suppression system.
- Earthquake: Seismic Design Category A.
- Port Blocking/Forwarding
- Site-to-Site & Client-to Site VPN Tunnel
- Intrusion Detection & Prevention Systems (IDS/IPS)
- RPO: Daily (Nightly 12:00am to 6:00am)
- RTO (Estimates below):
- File/Folder – 8 Hours (Business Hours) or 36 Hours (Non-Business Hours)
- Virtual Machine – 24 Hours (Business Hours) or 48 Hours (Non-Business
- Retention: 1 Daily, 7 Weekly, 4 Monthly, 12 Yearly, 7 Years.
Zeuss for Enterprise Users
If you have a Zeuss for Enterprise account, your Administrator may be able to:
- Access information in and about your Zeuss Enterprise account.
- Disclose, restrict, or access information that you have provided or that is made available to you when using your Zeuss Enterprise account.
- Control how your Zeuss for Enterprise account may be accessed or deleted.
Keeping your data secure also depends on you ensuring that you maintain the security of your account by using sufficiently complicated passwords and usernames, and storing them safely.
If you have any questions about security on our website, you can contact us at security@Zeuss.com.