Zillable Security Practices

zillable-security-practices

Data Security and Compliance is Fundamental to Our Mission

The security of your data, including personal information, privacy, and compliance is our top priority. We recognize that data is an essential corporate asset and must be safeguarded at all costs. As innovation is the cornerstone of which our platform is built, we understand that loss of information can lead to both financial and intellectual property loss. That's why we ensure client data are secured, confidential, and private for every client that trusts their data on our platform - regardless of company size. In fact, we use the Zillable platform for all of our internal communication. The integrity of data protection and security practices are vital to safeguard all client data, as well as our own.

two-factor-authentication

Two-Factor Authentication

For added security, Zillable allows integration of two-factor authentication (2FA). 2FA is simply the process of using a password plus something else to log in to increase the security of the site or your log in credentials. With 2FA enabled, only your members can log into your Zillable network, even if their passwords are compromised or stolen.

single-sign-on

Single Sign-on

Where enterprise-class IT requirements must be met prior to widespread adoption of Zillable, we’ve made it easy for you to onboard everyone quickly — and ease your IT concerns. SAML-based single sign-on (SSO) gives your team members access to Zillable through an identity provider (IDP) of your choice. With SAML, companies (and IT departments) have full control over the authorization and authentication of Zillable user accounts.

security-features-for-team-members-and-admin

Security Features for Team Members & Administrators

The highest security risk to any network is usually the behavior of its users. That's why we have automated data protection built-in, with detailed, centralized logs so that you have the tools to know who has accessed your Network data. For example, each time a user signs in, the device that was used, as well as the IP address of the location is consolidated and stored in centralized access logs, accessible by you.

access-log

Access Log

Access detailed logs that can reveal important information about employee activity. Use real time information to identify unusual activity affecting your private network.

password-maintenance-protocol

Password maintenance protocol

We are extra vigilant in protecting our user account system. Our password system is encoded with SHA-256 + secret key + salt supported by Spring Security. In the event of a hack, we further protect user passwords with salted password hashing. Salt is used to prevent dictionary and brute-force attacks against the key in the event the encrypted data is compromised.

encryption-in-transit

Encryption in Transit

Your Zillable collaboration network is private to your company. Only users with a valid and verified email address for your company can join your Zillable collaboration network. Zillable was built from the ground up as a consumer-grade platform, with enterprise-grade security built-in at every level. Zillable uses 256-bit encryption. All data is sent over a secure, SSL/HTTPS connection, the same encryption technology used by banks.

encryption-at-rest

Encryption at Rest

All types of data on your private network are encrypted at rest using current FIPS 140-2 compliant encryption standards. We monitor the changing cryptographic landscape closely and work promptly to upgrade Zillable to respond to new Cryptographic weakness as they are discovered and implement best practices as they evolve.

Enterprise-grade Protection and Compliance for Companies of all Sizes

enterprise-grade-protection-and-compliance

Your Zillable network is private to your company. Only users with a valid and verified email domain (i.e. your company's work email) can join your network. Zillable was built from the ground up as an enterprise-grade collaboration and innovation platform with security built-in at every level. It continues to be our priority to provide the highest-degree of team administrator monitoring tools and control so you know how your data is accessed and by whom at anytime.

apps-controls

App Controls to Manage Shadow IT

The average number of apps used by large company employees is 928, many of which including note-taking and cloud storage, or SaaS apps. While many of these tools help employees be more productive, it opens up a tremendous security risk. That’s why we built a collaboration suite that eliminates the need for 99% of the apps your employees use while providing strict app controls for that remaining 1% of apps employees in your private network can't do without. Admins simply choose to restrict apps entirely or to only allow approved apps to be installed. It's that simple.

apps-controls

Compliance with Regulations for Data Retention

Organizations are often required to hang onto certain types of information for specified amount of time or to remove data after a project (e.g., M&A due diligence). Further, different types of data are subject to different types of retention periods. Zillable provides flexible and customizable data retention policy options, allowing configuration on a Network-wide or per-Space basis, and even at certain content type or users.

Your Data, Protected Down to the Individual

right-over-customer-data

Rights over customer data

Zillable customers retain control and ownership of their data. Please review Zillable’s Terms of Use or the signed customer contract for more details. Zillable is a data processor and has no rights to any content or responsibilities for the data posted within Zillable. Upon termination of a license agreement, we will collaborate with the customer on retrieval and assignment of relevant customer data to the customer. Professional service fees may be applied. We endeavor to only retain customer data for so long as necessary to ensure the safe transfer of relevant data to the customer.

legal-hold

Legal Hold

Zillable goes beyond compliance. Most collaboration tools today provide data retention options. But is that enough? Zillable goes further providing companies who have regulatory and legal requirements to preserve communications and data the additional abilities to retain the original data, edit logs, and even exercise legal hold on certain data or users. This level of detailed control is unprecedented, allowing companies to avoid the pitfalls of e-discovery and legal sanctions and save hundreds of thousands in legal and compliance costs and on third party solutions.

Confidentiality and Privacy

We place strict controls over customer data

Confidentiality

We regard the information you share within your Zillable network as private and confidential to your network. We place strict controls over our employees’ access to internal data and are committed to ensuring that your data is never seen by anyone who should not see it.

Privacy

A fundamental privacy principle we abide by is that anything you post to Zillable is private to your network. That is, viewing the messages and files shared within a specific network requires authentication as a member of that network. If you are using Zillable in a workplace or on a device or account issued to you by your employer or another organization, they will most likely have their own policies in place regarding storage, access, modification, deletion, and retention of communications and content.

Experience an enterprise-grade team automation app for free!

Legal - Regulatory - IT - Security Protocol - Data Protection

Experienced Team

experienced-team

Our R&D team members are experienced and keep their skills up to date as industry best practices evolve. We've coded, tested, and administered many enterprise-grade applications and we bring the collective wisdom that comes with years of experience to Zillable. In fact, our founder built his career on intellectual property and security of data, particularly IP, which is as important to you as it is to us. If you have additional questions regarding data privacy, security, or confidentiality, we'd be happy to answer them. Please write to hello@zillable.com and we'll respond as quickly as we can. If you believe you have found a security vulnerability on Zillable, we encourage you to let us know right away. We will investigate all legitimate reports and do our best to quickly fix the problem.