7 November 2022

Data Security

We understand that our customers expect us to protect their data with the highest standards and we are committed to providing them with a highly secure and reliable environment.

Approach

getKambium staff follow an Information Security Policy to support the secure and continuous flow of information required to deliver getKambium’s services to its customers, as effectively and efficiently as possible, whilst reducing the information security risks.

Data Centers

Our systems are hosted in Microsoft Azure in the East US region. The Azure data centers employ leading physical and environmental security measures, resulting in highly resilient infrastructure.

Visit Microsoft’s Trust Center for more information: https://www.microsoft.com/en-us/trust-center

Application Security

getKambium is coded with a security-oriented design in multiple layers, one of which is the application layer. All code is built towards Microsoft’s Best Practice, and has undergone Veracode Static Code Analysis.

getKambium is a multi-tenanted application with data stored in separate Azure SQL databases for each tenant. This ensures data separation between tenants.

Infrastructure Security

Being hosted on the Microsoft Azure platform, our infrastructure is protected using multiple layers of defense mechanisms, including:

  • Firewalls for enforcing IP whitelisting and access through permitted ports only to network resources
  • DDoS mitigation and rate limiting
  • Comprehensive logging of network traffic, both internal and edge

Data Encryption

getKambium encrypts all data both in transit and at rest:

  • Traffic is encrypted using TLS 1.2 at minimum
  • User data is encrypted at rest

External Security Audits

getKambium code has been verified using the Veracode process, and is undergoing certification to appear in the ConnectWise marketplace.

Authentication

All authentication is provided by Microsoft’s Azure Active Directory B2C authentication service. No credentials are stored by getKambium.

Multi-factor authentication (MFA) is enforced for all logins.

Disaster Recovery and Backups

getKambium uses Microsoft’s backup service to consistently back up user data stored in Azure SQL. All backups are encrypted.

Code has been scanned by Veracode and mitigations have been put in place.

Physical Security

getKambium is a cloud-based solution, with no part of our infrastructure retained on-premise. Our physical security in the offices includes personal identification-based access control, CCTV and alarm systems.

Our data centers are hosted on Microsoft’s Azure infrastructure, where leading physical security measures are employed.

Security Awareness Training

All getKambium staff undergo quarterly online security awareness training with results reported on to senior management. A quarterly email phishing test of all staff is also undertaken and reported on.

For detail, refer to our full policy