A certain amount of confidence is needed when relying on third-party vendors to manage and handle your online data securely. Cloud security is important because it is essential for protecting hosted information - we understand that even small gaps in security coverage can put everything at risk including your data, customer information, uptime, and potentially a company’s reputation. Thus, we prioritize security above everything else.
We are preparing CloudKarafka for compliance and will be compliant before the 25th of May 2018.
Effective security requires threat identification through proactive risk assessment. All employees undergo pre-employment background checks and participate in annual security awareness training.
Security updates based on advisory for our servers and associated devices are automatically handled by us.
We enforce TLS to secure data in transit. TLS has to be enabled to and from the application to ensure secure transit between CloudKarafka and their application.
Clients have the option to define a private network in the cloud (VPC) for instances created in AWS or GCP. A VPC provides a deny-all-by-default security to the instance.
For more information, please read our security policy which demonstrates our commitment to information security.
CloudKarafka is not yet certified compliant with ISO27001. We are always aiming to meet requirements listed in ISO27001 and will try to get the certificate in place in a near future.
CloudKarafka is not yet compliant with HIPAA. We are always aiming to meet requirements listed by HHS and will try to reach compliance in a near future.