The security and privacy of your personal, project or financial information is paramount to Kantask. Kantask provides the physical protection and integrity of your network using certified data centers. Our infrastructure and certified data centers regularly undergoes the same audits as the largest financial institutions.
CONTROL AND CERTIFICATION
The data centers with which we work (Amazon AWS) adhere to security controls and certifications from several countries, including:
- ISO 9001, 27001, 27017, 27018
- PCI DSS Level 1 (Payment Card Industry)
- C5 (Germany)
- Cyber Essentials Plus (UK)
- FedRAMP (USA)
- MLPS Level 3 (China)
- SEC Rule 17-a-4(f)
REDUNDANCE AND TECHNOLOGY
Likewise, the architecture of the data centers we use is built to satisfy any kind of concern.
- Geographically separated infrastructures to ensure support in case of major disasters (16 geographic regions available).
- Monitoring 24/7/365.
- The latest generation technology.
All access to Kantask is via HTTP with SSL (HTTPS). Kantask is using a 2048 bit RSA Public Key. In addition, the data is encrypted, rendering it illegible during any transit between one facility and another.
We adhere to the best practices of password security using a bcrypt algorithm that incorporates "salting".
Kantask maintains rigorous audit standards regarding access to its infrastructure and access to the information contained in its product.
- We control and maintain the list of all incoming users, including Logins and Logouts, Session Details, person details, date / time, source IP address, and the type of browser used.
- The vulnerability of the platform is tested as part of each new version of the program, both manually and automatically.
- We periodically undergo penetration controls by the most sensitive customers.
- On a regular basis, external consultants carry out audits and vulnerability controls.
- Access to the information of our customers is facilitated only to few Kantask´s employees and is used only in case of requested support by the client.
- All login sessions will expire automatically after 2 hours of inactivity.