Zillable Security Practices
Data Security and Compliance is Fundamental to Our Mission
The security of your data, including personal information, privacy, and compliance is our top priority. We recognize that data is an essential corporate asset and must be safeguarded at all costs. As innovation is the cornerstone of which our platform is built, we understand that loss of information can lead to both financial and intellectual property loss. That's why we ensure client data are secured, confidential, and private for every client that trusts their data on our platform - regardless of company size. In fact, we use the Zillable platform for all of our internal communication. The integrity of data protection and security practices are vital to safeguard all client data, as well as our own.
For added security, Zillable allows integration of two-factor authentication (2FA). 2FA is simply the process of using a password plus something else to log in to increase the security of the site or your log in credentials. With 2FA enabled, only your members can log into your Zillable network, even if their passwords are compromised or stolen.
Where enterprise-class IT requirements must be met prior to widespread adoption of Zillable, we’ve made it easy for you to onboard everyone quickly — and ease your IT concerns. SAML-based single sign-on (SSO) gives your team members access to Zillable through an identity provider (IDP) of your choice. With SAML, companies (and IT departments) have full control over the authorization and authentication of Zillable user accounts.
Security Features for Team Members & Administrators
The highest security risk to any network is usually the behavior of its users. That's why we have automated data protection built-in, with detailed, centralized logs so that you have the tools to know who has accessed your Network data. For example, each time a user signs in, the device that was used, as well as the IP address of the location is consolidated and stored in centralized access logs, accessible by you.
Access detailed logs that can reveal important information about employee activity. Use real time information to identify unusual activity affecting your private network.
Password maintenance protocol
We are extra vigilant in protecting our user account system. Our password system is encoded with SHA-256 + secret key + salt supported by Spring Security. In the event of a hack, we further protect user passwords with salted password hashing. Salt is used to prevent dictionary and brute-force attacks against the key in the event the encrypted data is compromised.
Encryption in Transit
Your Zillable collaboration network is private to your company. Only users with a valid and verified email address for your company can join your Zillable collaboration network. Zillable was built from the ground up as a consumer-grade platform, with enterprise-grade security built-in at every level. Zillable uses 256-bit encryption. All data is sent over a secure, SSL/HTTPS connection, the same encryption technology used by banks.
Encryption at Rest
All types of data on your private network are encrypted at rest using current FIPS 140-2 compliant encryption standards. We monitor the changing cryptographic landscape closely and work promptly to upgrade Zillable to respond to new Cryptographic weakness as they are discovered and implement best practices as they evolve.
Enterprise-grade Protection and Compliance for Companies of all Sizes
Your Zillable network is private to your company. Only users with a valid and verified email domain (i.e. your company's work email) can join your network. Zillable was built from the ground up as an enterprise-grade collaboration and innovation platform with security built-in at every level. It continues to be our priority to provide the highest-degree of team administrator monitoring tools and control so you know how your data is accessed and by whom at anytime.
App Controls to Manage Shadow IT
The average number of apps used by large company employees is 928, many of which including note-taking and cloud storage, or SaaS apps. While many of these tools help employees be more productive, it opens up a tremendous security risk. That’s why we built a collaboration suite that eliminates the need for 99% of the apps your employees use while providing strict app controls for that remaining 1% of apps employees in your private network can't do without. Admins simply choose to restrict apps entirely or to only allow approved apps to be installed. It's that simple.
Your Data, Protected Down to the Individual
Rights over customer data
Zillable goes beyond compliance. Most collaboration tools today provide data retention options. But is that enough? Zillable goes further providing companies who have regulatory and legal requirements to preserve communications and data the additional abilities to retain the original data, edit logs, and even exercise legal hold on certain data or users. This level of detailed control is unprecedented, allowing companies to avoid the pitfalls of e-discovery and legal sanctions and save hundreds of thousands in legal and compliance costs and on third party solutions.
Confidentiality and Privacy
We place strict controls over customer data
We regard the information you share within your Zillable network as private and confidential to your network. We place strict controls over our employees’ access to internal data and are committed to ensuring that your data is never seen by anyone who should not see it.
A fundamental privacy principle we abide by is that anything you post to Zillable is private to your network. That is, viewing the messages and files shared within a specific network requires authentication as a member of that network. If you are using Zillable in a workplace or on a device or account issued to you by your employer or another organization, they will most likely have their own policies in place regarding storage, access, modification, deletion, and retention of communications and content.
Our R&D team members are experienced and keep their skills up to date as industry best practices evolve. We've coded, tested, and administered many enterprise-grade applications and we bring the collective wisdom that comes with years of experience to Zillable. In fact, our founder built his career on intellectual property and security of data, particularly IP, which is as important to you as it is to us. If you have additional questions regarding data privacy, security, or confidentiality, we'd be happy to answer them. Please write to firstname.lastname@example.org and we'll respond as quickly as we can. If you believe you have found a security vulnerability on Zillable, we encourage you to let us know right away. We will investigate all legitimate reports and do our best to quickly fix the problem.