For many, it has been a bad month. With hurricanes Harvey and Irma wreaking havoc on major cities and the Equifax data breach being announced, it seems like we are in a constant state of peril.
First, thankfully KaiNexus and our employees have not been affected by the hurricanes.
Next, our data was never at risk to the Apache Struts vulnerability that affected Equifax. We do not use any version of the Apache Struts framework that Equifax failed to update in a timely manner. Also, as a matter of policy and practice, all of our software, operating systems, and code libraries are constantly updated to have the latest, greatest, and most secure versions available.
Given the general uneasiness about security we all feel, I thought it would be a good idea to share some of the key things that we at KaiNexus are diligently working on in order to safeguard our company, our product, and most importantly, your data.
To begin, we host our application on the Google Cloud infrastructure. Google and their infrastructure meet or exceed industry standard best practices for reliability and security. All of your data (and ours) is encrypted and safely stored in one of their data centers in Iowa with a backup in South Carolina. If you are interested in learning more, read this. From the time you click ‘Submit’ and your idea is logged in KaiNexus, to the time you pull it up on your screen again, your data is protected and encrypted.
We are committed to building and maintaining a secure environment. We architected and built our application and our infrastructure according to the OWASP best practices. Additionally, we routinely undergo a third party Penetration Test of our network and the KaiNexus platform. This “Pen Test” consists of professional “hackers” trying their best to identify and exploit any vulnerabilities in KaiNexus. I’m happy to announce we pass with flying colors.
Even if we have a securely built application hosted on secure infrastructure, what if the unexpected happens? Well, that's where we adhere to the Boy Scout motto of “Be Prepared.” Sometimes you can’t avoid a disaster (see hurricanes Harvey and Irma), but you can have plans in place to mitigate their impacts and get back to normal as soon as possible. KaiNexus has a robust disaster recovery and business continuity plan in place. Not only do we test these plans on an annual basis, but we also review and update them regularly to be sure they stay current and able to meet our needs as our business continues to grow.
As always, please don't hesitate to reach out if you have any questions or concerns!