Securing Our Infrastructure
Kademi outsources hosting of its platform infrastructure to leading cloud infrastructure provider Amazon Web Services (AWS) for infrastructure hosting. AWS provides high levels of physical and network security.
Security Standards
Amazon Web Services maintains an audited security program, including SOC 2 and ISO 27001 compliance, and leverages some of the world's most advanced facilities infrastructure such as power, networking, and security.
Intrusion Detection (IDP)
Kademi’s Intrusion Detection and Prevention framework uses a rules based policy that considers factors i.e. a users geo location, then acts based on an appropriate level of risk to mitigate malicious activity.
Endpoint Detection and Response
All of our servers adopt industry-leading endpoint security provided by CrowdStrike. Our security team continuously monitors our endpoints to ensure the best possible protection against cyber threats.
Vulnerability Monitoring
Kademi uses AWS tools to continuously monitor all aspects of the platform for vulnerabilities which allows us to quickly identify and rectify security vulnerabilities.
Disaster Recovery
Kademi has implemented and manages disaster recovery plans to support loss of a service within a data center, and catastrophic failures such as the loss of an entire data center. Services can be restored on a new instance on AWS using backups.
Securing Our Platform
All components that process data operate in Kademi’s private network inside our secure cloud platform.
OWASP
Kademi is built from the ground up and applies best practice security tools and techniques such as OWASP, and includes using OWASP code artifacts.
Secure Accounts
Kademi uses a multi-tenanted framework that provides each customer with a secure account keeping their data isolated from other users’ data.
Authentication
Kademi natively supports 2FA (two-factor authentication) using a second device such as a mobile phone to verify a user when they login.
Pen-tests
Kademi conducts regular penetration testing working with leading 3rd party security companies to ensure the integrity of our platform.
Security Protocols
Kademi supports the latest secure connection technology, including TLS1.2+, and support for additional headers such as “HTTP Strict Transport Security” and X-Frame-Options and advanced mechanisms such as token based protection against Cross Site Request Forgery (CSRF).
Data Encryption
Kademi encrypts all data in transit and at rest. Data transfer is protected using the industry-standard TLS 1.2 protocol, while data at rest in AWS is encrypted using AES-256 server-side encryption. Kademi uses AWS Key Management Services for data at rest encryption and secure key management.
Securing Our Company
Security goes beyond our own platform and becomes part of the way we work, our culture, and how we communicate.
2FA
2FA (two-factor authentication) is compulsory when accessing Kademi’s platform and used when available across third party platforms.
Device Security
Kademi adopts third party software for centralized management of patching employee devices. All Kademi devices use Full Disk Encryption.
Dedicated Security Team
A dedicated security team ensures security is maintained to a high standard across the company, infrastructure, platform, policies and risk management.
Internal Training
Information security policies and employee training are in place to govern an organization-wide approach to how Kademi’s systems are operated and how data is protected.
Access Management
Kademi adheres to the principle of least privileged, reviews access on a quarterly basis, and adopts best practice tools and processes to manage employee access to our systems.
Communication
All aspects of security are communicated throughout policies and procedures, system design documentation, training both internally and externally to our customers.
SOC 2 Type II
Kademi has its SOC 2 Type II certification, so we can demonstrate to our customers we have met rigorous security and privacy standards, and are committed to maintaining them.
Trust Report
Kademi, in partnership with risk management leader Vanta, offers access to our Vanta Shared Profile, containing essential due diligence artifacts for your risk review activities.
Get the latest Kademi updates and news.
Get in touch
Legal
© 2023 Kademi Ltd