Security FAQs

Brienne Wong
Brienne Wong
  • Updated

Is my work safe?

The short answer is yes. All communication is encrypted using SSL / HTTPS, our servers are backed up hourly, and zeroheight is hosted on enterprise-grade cloud infrastructure: AWS S3. You can read more about their compliance and certifications here.

Access control is enforced using 22-character base64 authentication tokens. We never write our own security code and rely on industry best practices.

Are there any self-hosting options?

This isn't on the roadmap for now, as we're currently focusing all our efforts on our cloud solution.

Do you use multi-factor authentication (MFA)?

For access to the zeroheight platform, we don’t implement MFA / 2FA but we suggest it’s implemented by leveraging SSO and configured as part of the provider. Enterprises using their own SSO through SAML 2.0 can then enforce whichever access controls they require.

Was this article helpful?