To start with, if your application is private then ONLY your shared users will have access to your data.
None of our admins have access to any content that is uploaded to our services. Our infrastructure automatically replicates the data for more reliability/availability. The backups are also automated where the data is compressed and password protected. Going forward, we will let you encrypt your data as you upload. This will be additional assurance for you as you control the encryption mechanism.
Description of physical environment: Zoho servers and infrastructure are hosted in a Savvis Tier 1 data center located in Santa Clara, California and Boston, MA. The following is a list of security measures to prevent access to the premises
- On premise security guards
- Building exterior - no signage, cameras, false entrances, vehicle blockades, parking lot design, bulletproof glass/walls
- Biometric systems which include palm scannersSecurity cameras with digital recorders, Pan-tilt zoom (PTZ) capabilities
- Portals and Man traps, only a single person authenticated at one time.
- Level 1: Secure firewall grid Several Fortigate firewalls are load-shared for high availability of all applications
- Level 2: Intrusion detection and prevention to block attacks on network level
- Level 3: All traffic is scanned for viruses and any suspicious traffic is blocked at the firewall level.
- Suspicious traffic is scanned and logged for auditing purposes and monitored daily
- All nodes are scanned for viruses separately
- e-mail traffic is scanned for viruses separately
- Only necessary ports are open to external world
- All services are monitored 24 x7
- Weekly vulnerability testing is performed
- All Zoho services are load-balanced for high availability