Featured post image

The Kindling Security Policies and Procedures that Keep Your Data Safe

Hosting

Kindling is hosted at Amazon Web Services, a SOC3-certified cloud provider.

Kindling runs in a multi-server architecture where a number of web application servers, running across Amazon Availability Zones, process requests to the application. Should one or more web application servers fail, traffic is automatically routed to available nodes.

The Kindling platform has been architected to achieve high reliability and scalability. Kindling uses AWS-provided built-in tools, best practices, and methods to assist with health checks and scaling.

Kindling actively monitors resources and has alert systems in place that would allow us to identify the need for additional resources prior to any impact to our customers.

Encryption

All information exchanged with Kindling is encrypted and sent using SSL/TLS. This includes communication to and from the user’s web browser, any mobile device communication, and any calls to Kindling’s API.

All data stored on our databases (data at rest) is encrypted.

Backups of customer data are encrypted and stored in AWS’s highly available and redundant Simple Storage Service (S3) and separate from the original data.

Policies

Kindling has and enforces a security policy and security training for all personnel.

Kindling identifies security roles, where data access to production servers is severely limited. All employees sign security and non-disclosure agreements upon joining Kindling.

Kindling’s Security Policies and Procedures are disclosed to Prospects or Customers upon request.

Kindling does not disclose customer data of any kind for any reason to 3rd party vendors, partners, or other parties. All new hires are required to undergo background checks and to sign our security and employee confidentiality agreements.

Audit

Kindling is scanned on a quarterly basis by a third-party internet security firm for vulnerabilities, including SQL injection, XSS, XSRF, CRIME, OS Security, Web Server Security, and scores of other potential security issues.

The most recent External Penetration Test report is available upon request.

Additionally Kindling complies with and is certified by the U.S.-EU Safe Harbor Framework as set forth by the U.S. Department of Commerce.

Vulnerabilities

All uploaded files are scanned for viruses. Virus definitions are updated every two hours.

Kindling’s infrastructure components, including database and web servers (e.g. MySQL, Apache, PHP, etc.), are continuously monitored per environment for security updates. Security updates are applied within the context of structured validation testing to ensure the integrity of all services.

Access

All customer data is considered by Kindling to be private and confidential. Therefore, all access to Kindling is authenticated. Kindling supports industry standard authentication protocols (LDAP/Active Directory, SAML, OAuth) to grant access.

Kindling lets moderators directly control users’ permissions to view and edit content within the system. Users are put into Groups (either directly in Kindling, or by inheriting the Groups from LDAP/Active Directory) which then receive view access to one or more Categories in Kindling. An individual then only has access to the Categories, and therefore the Ideas and discussions, that their Groups are given access to.

Questions?

If you have any questions about our security policies and procedures, data handling, or anything else, please don’t hesitate to get in touch.