Server and Hosting FAQs

Data Security Standards

Every year, Zest's security protocol undergoes an assessment of compliance from the PCI Security Standards Council.

The PCI Security Standards Council is "a global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection." This council is constantly evaluating and monitoring potential threats and the ways in which they should be handled or avoided. These constant improvements ensure that sites which are under Zest's purview are operating under the most up-to-date and stringent security standards.

Internal Safety Protocols

Zest implements a variety of processes and best practices to ensure our client's data is kept safe. Learn more about these policies below:

Password Management and Generation Policies

The reasons why Zest utilizes an in-house password manager are two-fold: to preserve the anonymity of our clients passwords, and to allow for strong, complex passwords that help prevent illicit access by outside parties. In instances where we develop a website for a client and then hand off control of the site to the client, we always encourage the client to create a new, complex password to access their site.

The Human Side of Security

The biggest cybersecurity holes are created by employees and human beings rather than systems and encryption. With this in mind, employees at Zest are provided ongoing training to implement best security practices and avoid instances where security may be breached. Email users are trained to look for suspicious requests, attachments, links and forged sender identities. Employees are strongly encouraged to reach out to project managers and supervisors if they receive suspicious emails.

Firewalls to Prevent Downfalls

Zest's servers are protected by a firewall maintained by KnownHost, which helps to defend from potential cyber attacks. This firewall identifies and controls applications on any port, controls circumvention, scans for viruses, generates real-time alerts and controls traffic to and from applications.