Protecting your information and the information of your customers is extremely important to us. We know you have questions about how we’re protecting that information, so what follows are details about some frequently requested information about Kohost’s information security.
We use data centers around the world from top-notch data center providers to host our systems. They all have SOC2 Type 2 reports and provide all the physical security protection measures you would expect.
We understand that software security is very important. We continuously scan our applications for vulnerabilities, using a combination of static source code analysis and dynamic testing. We also:
- Encrypt all your data in transit using TLS.
- Have an independent penetration test conducted on an annual basis.
If you identify a vulnerability in our site or services, please responsibly disclose it to us.
Access to our systems and your data is restricted only to those who need access in order to provide you awesome support.
We also have all the “people security” things you’d expect to see:
- Background checks for our employees
- Signed confidentiality agreements
- Termination/access removal processes
- Acceptable use agreements.
Security is the responsibility of everyone who works for us. We train our employees so that they can identify security risks and empower them to take action to prevent bad things from happening.
Business Continuity/Disaster Recovery
We utilize redundant, geographically separate data centers so that we can provide consistent services for you. In the event one of our data centers becomes unavailable, we can recover quickly so that our applications still work for you.
If you have more in-depth questions about our security program, let us know.