Trust K

Security

A partner you can trust.

We understand the importance of keeping your data secure and our Security Principles underpin everything we do.

KADA is SOC 2 Type 2 certified. We test our risk and security measures with external parties through regular Penetration tests.

KADA offers a range of deployment options from on-premise to cloud, allowing you to choose the right option that aligns to your security standards.

K Principles

Our Key Security Principles

Security by Design

KADA incorporates security requirements and controls as a core principle in the design of the K platform.

Zero Trust (Never trust, always verify)

Connection to KADA’s network from internal or external sources are not automatically trusted. We ensure all connections are authenticated before granting access to systems and information.

Defence in depth

Multiple security controls are built independently of each other so failure of one control does not impact the overall security of the K platform.

Need to know / least privilege

KADA will only be granted the minimum access needed to its employees to perform their official role. Segregation of duties will be enforced.

“K allowed us to get our data migration started quickly, confidently track and deliver the migration, and now is a key part of how we manage and scale the correct use of data across hundreds of data consumers.”

James Gouletsas
Circular Economy Systems
K Security

Our Key Security Principles

Security by Design

Data and system security requirements and controls are implemented in the design of solutions

Zero Trust (Never trust, always verify)

Connection to KADA’s network from internal or external sources must not be automatically trusted. Connections must be authenticated before granting access to systems and information.

Defence in depth

Multiple security controls must be built independently of each other so failure of one control does not impact the security of K

Need to know / least privilege

Users will only be granted the minimum access needed to perform their official role and segregation of duties will be enforced.

K Security

Our Security Measures

Vulnerability scanning

KADA leverages vulnerability scanning at key stages of our Secure Development Lifecycle (SDLC):

  • Static analysis (SAST) testing of code
  • Malicious dependency scanning
  • Dynamic analysis (DAST) of running applications
  • Regular network vulnerability scanning
  • Software composition analysis (SCA) to identify known vulnerabilities
  • Continuously running external attack surface management (EASM)
Endpoint Protection

All corporate devices are centrally managed and are equipped with mobile device management software and anti-malware protection. Endpoint security alerts are monitored with 24/7/365 coverage.

We use Microsoft Intune software to enforce secure configuration of endpoints, such as disk encryption, screen lock configuration, and software updates.

Identity and access management

K uses Microsoft to secure our identity and access management. We enforce the use of phishing-resistant authentication factors.

K employees are granted access to applications based on their role, and automatically deprovisioned upon termination of their employment.

Further access must be approved according to the policies set for each application.

Security education

K provides comprehensive security training to all employees upon onboarding and annually.

In addition, all new employees attend a mandatory live onboarding session centered around key security principles. All new engineers also attend a mandatory live onboarding session focused on secure coding principles and practices.

The KADA team is supported by Security experts who regularly conduct briefings with employees to inform them of important security updates and emerging threats.

Get started with KADA today.

Deploy and start seeing your data ecosystem in less than an hour