Security

Application Security

Zea is Secure by Design

Zea is built around the concept that your CAD data should never leave your premises. Your CAD data is yours and yours only, and it should never be sent to cloud servers hosted by anyone else (including us). All the CAD data processing is handled locally on your premises, and the only data transferred is lightweight visualization data and descriptive metadata. You have full control over what data is stripped out or included.

Data Privacy

We only gather the data we need in order to provide services to you. We store and process this information at Zea and through secure third-party platforms like HubSpot and Stripe in full compliance with local regulations. Rest assured that you and your users are in good hands. We do not sell your data.

User Authentication

Zea leverages enterprise-grade authentication platforms, including Firebase Authentication, to ensure secure access. Our system seamlessly integrates with renowned solutions like Google and Microsoft accounts for enhanced security and privacy.

Password-Less

Zea also supports password-less authentication, providing an additional layer of convenience and security. Phishing attacks trick users into exposing their usernames and passwords to malicious parties who then use those credentials to gain access to your company’s private data and take control of your cloud resources.

By not using traditional username/password protocols, we significantly reduce the surface area for potential attacks.

User Access Controls

Zea follows traditional enterprise-level software user access control models. Each user in Zea is assigned a role that determines the user’s capabilities within the platform. Access to data is managed via workspaces, allowing small or large organizations to manage teams working on different projects simultaneously.

Zea Identity and Access Management (ZIAM)

Empower your team with Zea Identity and Access Management (ZIAM). Assign distinct roles such as owner, admin, editor, and viewer, granting appropriate access levels to your organization’s resources. With ZIAM, you can centralize user management and define granular access controls based on roles.

Secure Data Formats

You can be sure that what goes into the platform stays in the platform. The visualization data we generate from the CAD files is based on a proprietary binary file format that can only be viewed on Zea. This binary file format is very small, making it fast to load and extremely difficult to reverse engineer.

Vulnerability and Penetration Testing

We have taken every measure to build a powerful and secure platform while also using third-party security firms to perform vulnerability assessments and penetration testing. Zea works with Vumetric to perform periodic third-party testing of this nature.

Cloud Security

Data Storage

Data retention and backup happen securely. All cloud services, including databases, storage, and computing, are provided by and hosted on Google Cloud Platform (GCP). We run instances and backups in multiple zones and provide a service-level agreement to back it up.

Encryption

We encrypt data at rest and in transit between your location and our instances on GCP, ensuring that it can only be accessed by authorized roles and services with audited access to the encryption keys.

Backups

At Zea, we prioritize the safety and integrity of your data. As part of our robust data management practices, we perform weekly backups. These backups serve as an essential safeguard against data loss or corruption. In the event of any unforeseen incidents or data-related issues, we can leverage these backups to restore your data at any point.

Hosting

We collaborate with a world-class Google Cloud Platform hosting provider located in the United States. By leveraging the capabilities of GCP, implementing robust backup procedures, and incorporating redundancy into our services, we maintain a secure, fast, and resilient hosting environment. This approach safeguards your data, enhances reliability, and provides peace of mind, allowing you to focus on your core business operations.

Multi-Site Redundancy

Data stored on our infrastructure is automatically encrypted at rest and distributed for availability and reliability; 
this helps guard against unauthorized access and service interruptions. The former by accentuating protocols through different sites, and the latter by providing constant data backup in multiple locations.

Service Deployment

Any application that runs on GCP infrastructure is deployed with security in mind. We don’t assume any trust between services, and we use the multiple mechanisms that Google makes available to us to establish and maintain trust. Our infrastructure was designed to be multi-tenant from the start.

Network Security

Machine-to-Machine Communication (M2M)

Zea ensures secure connectivity between APIs and services through robust measures like Transport Layer Security (TLS) and short-lived JSON Web Tokens (JWTs). TLS guarantees encrypted communication, while the short lifespan of JWTs prevents their misuse by potential attackers. This approach enhances the overall security of M2M communication, safeguarding data integrity and preventing unauthorized access.

Secure Communication

Zea ensures the highest level of security for your data by utilizing HTTPS and trusted certificates issued by a reputable Certificate Authority (CA); this enables secure connections, encrypting data transmitted between all parts of our infrastructure and assuring users that their information is protected from prying eyes at all times.

We Value Your Input

Let us know what challenges you face around creating and managing online spare parts catalogs, and our representatives will follow up to show you how Zea can help.