Security
Zea's Trust Center
Application Security
-
Zea is secure by designZea is built around the concept that your CAD data should never leave your premises. Your CAD data is yours and yours only, and it should never be sent to cloud servers hosted by anyone else (including us). All the CAD data processing is handled locally on your premises, and the only data transferred is lightweight visualization data and descriptive metadata over which you have controls to strip out or include.
-
Data PrivacyWe only gather the data we need in order to provide services to you. We store and process this information at Zea and secure third-party platforms like HubSpot and Stripe in full compliance with local regulations. Rest assured that you and your users are in good hands. We do not sell your data.
-
User authenticationZea leverages enterprise-grade authentication platforms, including Firebase Authentication, to ensure secure access. Our system seamlessly integrates with renowned solutions like Google and Microsoft Accounts for enhanced security and privacy.
Password-less
Zea also supports password-less authentication, providing an additional layer of convenience and security. Phishing attacks trick users into exposing their usernames and passwords to malicious parties who then use those credentials to gain access to your companies private data and take control of your cloud resources.
By not using traditional username/passwords, we significantly reduce the surface area for potential attacks. -
User access controlsStanding on the shoulders of giants. Zea is modeled on other established platforms such as Google Drive and GitHub. Each user in Zea is assigned a role which determines the capabilities of the user within the platform. Access to data is managed via workspaces, allowing small or large organizations to manage teams working on different projects at the same time.
Zea Identity and Access Management (ZIAM)
Empower your team with Zea Identity and Access Management (ZIAM). Assign distinct roles such as owner, admin, editor, and viewer, granting appropriate access levels to your organization’s resources. With ZIAM, you can centralize user management and define granular access controls based on roles. -
Secure data formatsYou can be sure that what goes into the platform stays in the platform. The visualization data we generate from the CAD files is based on a proprietary binary file format that can only be viewed on Zea. This binary file format is both very small, making it fast to load, and extremely difficult to reverse engineer.
-
Quality control and automationThe Zea platform undergoes rigorous testing through an extensive suite of automated tests to ensure the robustness and functionality of each feature. By leveraging code validation and automated testing and deployments, the Zea team can develop a highly sophisticated web platform with confidence. This approach guarantees that the platform consistently operates as designed, delivering a reliable and seamless user experience.
-
Vulnerability and penetration testingDon’t take our word for it. While we have taken every measure to build a powerful and secure platform, we also use third party security firms to perform vulnerability assessments and penetration testing. Zea works with Vumetric to perform periodic third-party vulnerability assessments and penetration testing.
Cloud Security
-
Data StorageData retention and backup happen in a secure manner. All cloud services, including databases, storage, and compute, are provided by and hosted on Google Cloud Platform, we run instances and backups in multiple zones and provide 99.99% uptime on the cloud.
-
EncryptionWe encrypt data in transit between your location and our instances on GCP and at rest, ensuring that it can only be accessed by authorized roles and services with audited access to the encryption keys.
-
BackupsAt Zea, we prioritize the safety and integrity of your data. As part of our robust data management practices, we perform weekly backups. These backups serve as an essential safeguard against data loss or corruption. In the event of any unforeseen incidents or data-related issues, we can leverage these backups to restore your data at any point.
-
HostingWe collaborate with world class Google Cloud Platform (GCP) hosting provider, located in the United States. By leveraging the capabilities of GCP, implementing robust backup procedures, and incorporating redundancy into our services, we maintain a secure, fast, and resilient hosting environment. This approach safeguards your data, enhances reliability, and provides peace of mind, allowing you to focus on your core business operations.
-
Multi-site redundancyData stored on our infrastructure is automatically encrypted at rest and distributed for availability and reliability. This helps guard against unauthorized access and service interruptions.
-
Service deploymentAny application that runs on GCP infrastructure is deployed with security in mind. We don't assume any trust between services, and we use the multiple mechanisms that Google makes available to us to establish and maintain trust. Our infrastructure was designed to be multi-tenant from the start.
Network Security
-
Machine to Machine Communication (M2M)Zea ensures secure connectivity between APIs and services through robust measures like TLS (Transport Layer Security) and short-lived JWTs (JSON Web Tokens). TLS guarantees encrypted communication, while the short lifespan of JWTs prevents their misuse by potential attackers. This approach enhances the overall security of M2M communication, safeguarding data integrity and preventing unauthorized access.
-
Secure CommunicationZea ensures the highest level of security for your data by utilizing HTTPS and trusted certificates issued by a reputable Certificate Authority (CA), this enables secure connections, encrypting data transmitted between all parts of our infrastructure, assuring users that their information is protected from prying eyes at all times.