Security
Kademi puts security at the heart of our platform. We establish operational systems and processes that support the achievement of our security commitments.
Securing Our Infrastructure
Kademi outsources hosting of its platform infrastructure to leading cloud infrastructure provider Amazon Web Services (AWS) for infrastructure hosting. AWS provides high levels of physical and network security.
Security Standards
Amazon Web Services maintains an audited security program, including SOC 2 and ISO 27001 compliance, and leverages some of the world's most advanced facilities infrastructure such as power, networking, and security.
Intrusion Detection (IDP)
Kademi’s Intrusion Detection and Prevention framework uses a rules based policy that considers factors i.e. a users geo location, then acts based on an appropriate level of risk to mitigate malicious activity.
Endpoint Detection and Response
All of our servers adopt industry-leading endpoint security provided by CrowdStrike. Our security team continuously monitors our endpoints to ensure the best possible protection against cyber threats.
Vulnerability Monitoring
Kademi uses AWS tools to continuously monitor all aspects of the platform for vulnerabilities which allows us to quickly identify and rectify security vulnerabilities.
Disaster Recovery
Kademi has implemented and manages disaster recovery plans to support loss of a service within a data center, and catastrophic failures such as the loss of an entire data center. Services can be restored on a new instance on AWS using backups.
Get our technical specifications
To find out more and access our complete infrastructure guide to our managed multi-tenanted hosting on Amazon Web Services, contact our sales team.
Securing Our Platform
All components that process data operate in Kademi’s private network inside our secure cloud platform.
OWASP
Kademi is built from the ground up and applies best practice security tools and techniques such as OWASP, and includes using OWASP code artifacts.
Secure Accounts
Kademi uses a multi-tenanted framework that provides each customer with a secure account keeping their data isolated from other users’ data.
Authentication
Kademi natively supports 2FA (two-factor authentication) using a second device such as a mobile phone to verify a user when they login.
Pen-tests
Kademi conducts regular penetration testing working with leading 3rd party security companies to ensure the integrity of our platform.
Security Protocols
Kademi supports the latest secure connection technology, including TLS1.2+, and support for additional headers such as “HTTP Strict Transport Security” and X-Frame-Options and advanced mechanisms such as token based protection against Cross Site Request Forgery (CSRF).
Data Encryption
Kademi encrypts all data in transit and at rest. Data transfer is protected using the industry-standard TLS 1.2 protocol, while data at rest in AWS is encrypted using AES-256 server-side encryption. Kademi uses AWS Key Management Services for data at rest encryption and secure key management.
Company Wide Security
Security goes beyond our own platform and becomes part of the way we work, our culture, and how we communicate.
Two-factor Authentication
2FA (two-factor authentication) is compulsory when accessing Kademi’s platform and used when available across third party platforms.
Device Security
Kademi adopts third party software for centralized management of patching employee devices. All Kademi devices use Full Disk Encryption.
Dedicated Security Team
A dedicated security team ensures security is maintained to a high standard across the company, infrastructure, platform, policies and risk management.
Internal Training
Information security policies and employee training are in place to govern an organization-wide approach to how Kademi’s systems are operated and how data is protected.
Access Management
Kademi adheres to the principle of least privileged, reviews access on a quarterly basis, and adopts best practice tools and processes to manage employee access to our systems.
Communication
All aspects of security are communicated throughout our policies and procedures, system design documentation, and training both internally and externally to our customers.