Accreditation Management Services, AI enabled Customized Software for your Institution
Your data is end-to-end encrypted and compliant with international guidelines.
Security at Kramah Software
At Kramah Software, we understand that safeguarding your data and ensuring the security of our platform is paramount. We have invested in robust security resources and controls to provide the highest level of protection for your information. Our commitment to security includes defining and enhancing controls, implementing our security framework, and facilitating compliance and risk management.
Our Security Objectives
Our security framework aligns with industry best practices in the Software as a Service (SaaS) sector. Our key security objectives are:
Customer Trust and Protection: Our top priority is delivering exceptional products and services while safeguarding the privacy and confidentiality of your data.
Information and Service Integrity: We employ stringent security controls to maintain the integrity of your data, preventing unauthorized access or misuse.
Availability and Continuity of Service: We ensure that our services and your data remain available to authorized users, proactively mitigating security risks.
Compliance with Standards: We adhere to global security standards, GDPR, ISO 9001:2015, ISO/IEC 27001:2013, and more, aligning our processes and controls with industry best practices.
The Kramah Promise
Kramah Software is unwavering in its commitment to complying with all applicable regulations and laws across the regions we serve. We acknowledge our responsibilities as both a data controller and processor, taking data integrity and security seriously.
Compliance Certifications
We uphold compliance with industry-accepted security and privacy frameworks through:
ISO/IEC 27001:2013 Certification: Kramah Software is ISO/IEC 27001:2013 certified, ensuring comprehensive information security management.
ISO 9001:2015 Certification: Kramah Software is ISO 9001:2015 certified, ensuring comprehensive information security management.
GDPR Compliance: Kramah Software adheres to GDPR standards, ensuring privacy and security for all users, regardless of location.
Privacy and Data Protection
Kramah Software respects data subject rights under applicable data protection laws. Data security is ingrained in our product development, operational processes, and organizational culture.
Cloud Security
We entrust leading cloud infrastructure providers, such as Amazon Web Services (AWS) and Microsoft Azure, with hosting our product infrastructure. These providers offer robust physical and network security measures and maintain compliance with industry standards.
Network Protection
Our network security includes cloud security services, Cloudflare edge protection networks, regular audits, and network intelligence technologies to detect and mitigate malicious activity.
Vulnerability Management
We employ comprehensive vulnerability scanning and third-party penetration testing to identify and address potential security risks.
Bug Bounty Program
Kramah Software encourages security researchers and customers to report vulnerabilities through our Bug Bounty Program, enhancing our security.
Encryption
Data in transit is encrypted using industry-standard HTTPS/TLS, and data at rest is secured with AES-256 key encryption, ensuring the confidentiality and integrity of your data.
Secure Development
Our Secure Development Lifecycle includes secure code training, regular reviews, and third-party penetration tests to address security threats effectively.
Host Security
We implement strong host security measures, including SSH keys, access restrictions, and role-based access controls.
Password Policy
We enforce a robust password policy to enhance data security.
Web Application Firewall (WAF)
Our dedicated WAF provides strong protection against web-based threats.
Credit Card Information Protection
We do not store or process credit card information, relying on PCI-compliant payment vendors for secure transactions.
Availability and Business Continuity
Our disaster recovery program ensures service availability and continuity during unforeseen events.
Administrative Operations
Access to administrative operations is restricted to authorized personnel, and access activities are logged and monitored.
Human Resources Security
We maintain security policies, offer security awareness training, and conduct background verifications for all employees.
Privacy and Data Security Resources
We provide a range of resources, including privacy policies and compliance documentation, to enhance transparency.
Cloud Security
Our cloud infrastructure providers maintain high-level physical and network security measures, enhancing our data protection capabilities.
Data Center Security
Data centers housing our infrastructure are certified for security and compliance.
Network Security
We employ advanced network security measures to protect against unauthorized access and threats.
Secure Development (SDLC)
Our Secure Development Lifecycle ensures that security is embedded in our development processes.
Quality Assurance (QA)
Our QA department reviews and tests our codebase for security.
Separate Environments
We maintain separate environments for development and testing, ensuring data security.
Application Security
Our security controls cover various aspects, from DDoS protection to web application firewalls.
Host Security
We implement strong host security measures to protect our servers and your data.
Password Policy
We enforce a robust password policy to enhance security.
Web Application Firewall (WAF)
Our dedicated WAF provides strong protection against web-based threats.
Credit Card Information Protection
We do not store or process credit card information, relying on PCI-compliant payment vendors for secure transactions.
Availability and Business Continuity
Our disaster recovery program ensures service availability and continuity during unforeseen events.
Administrative Operations
Access to administrative operations is restricted to authorized personnel, and access activities are logged and monitored.
Human Resources Security
We maintain security policies, offer security awareness training, and conduct background verifications for all employees.
For more information about Kramah Software’s commitment to security, please contact us.