Technical and Organizational Security Measures

These are the current Technical and Organizational Security Measures employed by Zello to protect our customer data against accidental or unauthorized loss, destruction, alteration, disclosure or access.

Last Updated: June 19, 2020

Organization Of Information Security

  • We have a comprehensive set of information security policies, approved by senior management and disseminated to all Personnel.
  • We perform background checks on all new employees.
  • We require the signature of confidentiality and privacy agreements signed by all new employees.
  • We provide periodic security training to employees.
  • The information security function reports directly to the Chief Security Officer.

Physical Access

  • Zello utilizes bare metal servers hosted in the IBM Cloud. Points of presence are located throughout the world and their physical security is detailed in IBM’s published Cloud Architecture document. AWS is the failover cloud provider should IBM fail.
  • Zello Work allows for a solution hosted on-premise, please see Zello Work On-premise Server Requirements for more information.
  • Physical access to our office is controlled after hours via key access or electronic badge access.

System Access

  • Zello has a password policy that prohibits the sharing of passwords. All passwords must meet complexity requirements and are stored in encrypted form.
  • Server access is logged at the machine level and controlled through shared keys that may be revoked at any time.

Data Access

  • Zello employees have access to customer voice and rich media data through the administrative console IF AND ONLY IF they are granted such access AND Message Vault is enabled on the customer account.  We log all console access through our standard audit tracking.
  • Zello engineers who are permitted to log in to production servers can access customer voice and rich media data that is stored in one of the two cases mentioned below.  All such machine-level access is logged.

Data Transmission, Encryption, Storage, and Destruction

  • Voice and rich media data transits the public internet encrypted by 256 bit AES, passing from sender device to receiver device through Zello servers.  Under no circumstances do we store this data, EXCEPT:
    • When Message Vault is enabled by the customer, in which case encrypted data will be saved, along with the original client key, for up to 2 years
    • When a voice message is a direct 1:1 communication and the recipient is offline, in which case the encrypted data will be stored for redelivery for up to 7 days.  Once redelivered, the data is deleted
  • Voice and rich media data will be stored on the recipient device UNLESS:
    • It is prevented by configuration
    • It is automatically deleted by policy (expiration time)
    • It is manually deleted by the user
  • Voice and rich media data on a recipient device is encrypted at the operating system level on iOS and suitably configured versions of Android 7+
  • Additionally, we use:
    • 1024 bit RSA for authentication, digital signatures and secure media session keys exchange.
    • TLS for control traffic encryption between Zello client and Zello server
    • All API communication occurs over HTTP/S; the channel API is offered over secure websockets.
  • IBM Cloud erases data using DOD 5220.22-M grade algorithm. This ensures that any residual drive data is destroyed. This process is monitored and logged and is tracked. Once complete the drive is ready to be redeployed to a new customer.
  • If a drive fails the wipe process or reaches end of life, it is taken out of commission and physically destroyed

Confidentiality And Integrity

  • Customer data is not shared with 3rd parties in accordance with Zello’s Terms of Service and Privacy Policy
  • Zello uses a consistent hiring process that includes multiple reference checks as well as a background check that verifies employment and education history, along with any criminal history. Zello makes hiring decisions based on the results of these in accordance to applicable law.
  • Personal Information is classified according to GDPR standards

Availability

  • Our standard service SLA is 99.9%, achieved through redundancy at every layer of the stack. The platform is capable of operating at various levels of degraded service, so if a single component is failing (ie, the Message Vault feature), voice communication will continue operating normally.
  • All critical data stores are replicated across machines and in some cases across cloud providers (IBM to AWS). Additionally, backups of databases and search indexes are performed regularly and stored across multiple redundant servers.
  • In the event of a data center failure, we have the ability to bring up a replacement service platform in less than 4 hours on an alternate cloud provider (AWS). We would notify customers of changes in DNS associated with such a switch in order to synchronize appropriate firewall rules, as applicable.

Incident Management

  • We provide 24×7 support for the platform, including critical security issues. Response times will meet our contractually agreed SLA; resolution times will depend on the issue.
  • For compliance with the GDPR, our DPO is responsible for notifying all affected users of any material breach within 72 hours. In the event of such a breach, we will work with one of our security partners to evaluate the impact and undertake necessary remediation as quickly as possible.
  • Up to date status checks available here

Audit

  • All administrative actions performed by staff through the Zello Work console on behalf of the customer are captured and searchable in an audit log.
  • We periodically perform penetration testing and system fuzzing at the API layer. We maintain a number of unit tests that exercise specific code paths with bad data.
  • Our systems are regularly tested by 3rd parties for security compliance