Kpi.com puts all efforts to ensure that appropriate facility and data security procedures and processes are in place to protect against destruction, corruption, loss or alteration of, and unauthorized access to the information or customer data created and generated through the use of the kpi.com software.Namely, kpi.com provides 3 levels of security in throughout the software:
1. Physical Security
Kpi.com is built on Amazon cloud infrastructure and your data is being stored on cloud environment on a reliable replicated storages. We use EC2, EBS and S3 services from Amazon. Cloud systems are now becoming industry standard. We mostly rely on Amazons infrastructure, and your data being stored on a replicated storage in the cloud environment which means, even if some hardware crash occurs data will still remain safe and restorable. This is the level 1 prevention of data loss. Level 2 is we keep daily backup of the data on amazons S3 storage, which is also replicated data storage system from Amazon’s web services and is designed for backups, file storages. Level 3 is we keep data backup on our site apart from Amazon’s cloud, would any issues occur with the cloud environment we will still have the data backup available. For data sensitive clients we can provide data backup to their site on a scheduled basis upon their request.
2. Network Security
Amazon cloud environment provides complete firewall solution which allows inbound traffic be restricted by protocol, service port, and by IP address. 256-bit SSL. Secure Browser Connections (HTTPS): Information sent via HTTPS is encrypted from the time it leaves kpi.com until it is received by the recipients computer. Account Access. We can protect your account access through the configured list of IP Addess(es) and/or IP Range(s) upon request. Control and Audit. All accesses are controlled and audited. Virus Scanning. Traffic coming into kpi.com Servers is automatically scanned for harmful viruses using state of the art virus scanning protocols which are updated regularly. For more information on Amazon’s cloud infrastructure you can refer to AWS Security Whitepaper AWS Security Whitepaper 2015
3. People Processes
kpi.com employees are only granted a limited set of default permissions to access company resources. Requests for additional access follow a formal process that involves a request and an approval from a data or system owner, manager, or other executives, as dictated by kpi.com security policies. Approvals are managed by workflow tools that maintain audit records of all changes. These tools control both the modification of authorization settings and the approval process to ensure consistent application of the approval policies. An employee authorization settings are used to control access to all resources, including data and systems for kpi.com applications Audits. Audits are regularly performed and the whole process is reviewed by management As-Needed Accessing data server information as well as customer data is limited, and can be done only when approved by the client (i.e. as part of a support incident), or system owner, manager, or other executives, as dictated by kpi.com security policies.