On a recent kickoff, I got asked a lot of questions around the security of Answers. Specifically, this company has a third party that runs frequent penetration tests on their website, and everything they do has to be ADA and WCAG compliant. I’m wondering if we have materials on the security of Answers, as well as thoughts on whether this company should host their Answers experience, or if Yext should, based on these concerns (or if it doesn’t matter).
I am planning on telling them that our products are ADA and WCAG compliant, and that all data stored in the Knowledge Graph and returned via Live API to the Answers results page is intended to be public-facing, but I’d love any more official details on the security/compliance of Answers.
Happy to provide more context! Thanks so much.
Chris
@roser let us know if there is any official documentation or resource we can point to here! This is something we’ve seen come up quite frequently of late.
Regarding the WCAG/ADA please refer to this post: Answers ADA Compliance - #2 by roser. As it outlines, the core items in an Answers experience are built to align with WCAG 2.0 AA best practices. We test our software using Wave and Voiceover on Mac before releasing any new versions. If they have any feedback regarding WCAG, please do pass it along! It’s an ongoing effort to make the product as accessible as possible.
In terms of the security protocols, I’m still following up with our team on that and will post additional information regarding pen testing protocols here once received.
Hey @roser, just following up here. I have a client awaiting kickoff that let us know that their IT team will be teeing up security questions when we meet - I was wondering if we have any official resources that might help me answer those questions. Thanks!