Securing Our Infrastructure
Kademi outsources hosting of its platform infrastructure to leading cloud infrastructure provider Amazon Web Services (AWS) for infrastructure hosting. AWS provides high levels of physical and network security.
Kademi outsources hosting of its platform infrastructure to leading cloud infrastructure provider Amazon Web Services (AWS) for infrastructure hosting. AWS provides high levels of physical and network security.
All components that process data operate in Kademi’s private network inside our secure cloud platform.
Kademi is built from the ground up and applies best practice security tools and techniques such as OWASP, and includes using OWASP code artifacts.
Kademi uses a multi-tenanted framework that provides each customer with a secure account keeping their data isolated from other users’ data.
Kademi natively supports 2FA (two-factor authentication) using a second device such as a mobile phone to verify a user when they login.
Kademi conducts regular penetration testing working with leading 3rd party security companies to ensure the integrity of our platform.
Kademi supports the latest secure connection technology, including TLS1.2+, and support for additional headers such as “HTTP Strict Transport Security” and X-Frame-Options and advanced mechanisms such as token based protection against Cross Site Request Forgery (CSRF).
Kademi encrypts all data in transit and at rest. Data transfer is protected using the industry-standard TLS 1.2 protocol, while data at rest in AWS is encrypted using AES-256 server-side encryption. Kademi uses AWS Key Management Services for data at rest encryption and secure key management.
Security goes beyond our own platform and becomes part of the way we work, our culture, and how we communicate.
2FA (two-factor authentication) is compulsory when accessing Kademi’s platform and used when available across third party platforms.
Kademi adopts third party software for centralized management of patching employee devices. All Kademi devices use Full Disk Encryption.
A dedicated security team ensures security is maintained to a high standard across the company, infrastructure, platform, policies and risk management.
Information security policies and employee training are in place to govern an organization-wide approach to how Kademi’s systems are operated and how data is protected.
Kademi adheres to the principle of least privileged, reviews access on a quarterly basis, and adopts best practice tools and processes to manage employee access to our systems.
All aspects of security are communicated throughout policies and procedures, system design documentation, training both internally and externally to our customers.
Kademi has its SOC 2 Type II certification, so we can demonstrate to our customers we have met rigorous security and privacy standards, and are committed to maintaining them.
Kademi, in partnership with risk management leader Vanta, offers access to our Vanta Shared Profile, containing essential due diligence artifacts for your risk review activities.