ZUAR hosted systems are single tenet in design.  Each tenet system is individually configurable and the overall security policy of a particular system is determined by this configuration.

During transfer

All sensitive data is transferred using the SSL protected version of the relevant protocol whenever possible.  (HTTPS for web traffic, SFTP/SCP for file transfer etc.). All system access by authorized ZUAR employees is via SSH.

The web applications for all ZUAR products are limited to TLS v1.2 and v1.3 (1.0 and 1.1 are explicitly prohibited).

NOTE: Certain input systems that ZUAR can access may only be available by insecure method.  For example, Mitto automatically pulling from a standard FTP site.   In such cases, the customer is responsible for all incurred risks and ZUAR is not responsible in the case of data loss.

At rest

ZUAR hosted systems may be configured to support encryption of all data at rest.  This is an optional service available upon request for an additional cost and is not included in the standard hosting plan.