Security

Information Security

Keatext offers its solution in a SaaS model. To ensure business remains uninterrupted, we operate under a 99.5% SLA availability commitment. Average monthly availability was greater than 99.9% for the period including 2015, 2016 and 2017. Production systems are configured for high-availability and scalability with active 24/7 monitoring.

Customer data is one of the most valuable assets our clients have. That is why our top priority is delivering a comprehensive, high-performance solution with a focus on keeping our customers’ data safe, their interactions secure, and their businesses protected. We follow industry best practices and rely on industry leaders when it comes to security.

Application Security

Authentication and Authorization

Identity and authentication are managed by a SOC2 Type II certified Identity Platform (Auth0). Authorization is performed on every API call.

Development Life Cycle

Keatext follows a personalized version of the Agile methodology. We address security as a continuous concern and take it into consideration during every development step. Threat modeling, peer reviews at the design phase, systematic code reviews, unit tests, and integration tests in a staging environment are all implemented by our research and development team.

Platform Security

Infrastructure

The analytics application as well as data at rest, are hosted in SOC2 certified Tier-III Data centers run by AWS and located in Virginia (USA), Montreal (Canada), and Dublin (Ireland, EU). All of our environments are segregated using carefully configured security groups, VPCs, and role-based access controls. MFA is mandatory and we leverage AWS’ advanced protections such as DDoS Mitigation, monitoring and WAF. We perform regular vulnerability scans as well as penetration testing using licensed third party solutions. Logs are securely forwarded and monitored on dedicated servers hosted in SOC2 Type II certified datacenters (Loggly). System status is always available on our website.

Data

Encryption

Keatext protects customer data by enforcing industry standard encryption at every level. Data at rest is encrypted using the AES-256 symmetric key encryption algorithm. Data transmission enforces the use of TLS 1.2, 1.1, or 1.0 with at least 128-bit AES encryption. Qualys SSL Labs rates our SSL implementation as “A” on their SSL Server test.

Access Control

We ensure that access to your data is only done on a need to know basis. Keatext system administrators are the only individuals with access to Keatext’ servers and production databases. Other Keatext employees do not have access to Keatext’ production servers and databases.

Policies

Keatext is actively developing its security policies in line with the Cloud Security Alliance Cloud Controls Matrix. Policies are released, communicated with employees and enforced in a continuous manner. We are striving to achieve industry standard certifications like ISO 27001/27002 and SOC2 Type II.

Privacy

Keatext complies with the General Data Protection Regulation. Read our full privacy policy.