We (KONZE) have an advanced security framework that protects our Client’s and institution's data from external threats and intrusions. We are committed to working with our IT Service Delivery Team to maintain the safest operating environment possible for our Customers. The information below summarizes our security framework, which incorporates state of the art technology with proven results. There are several levels/ layers of security embedded within our security framework. User Level deals with Secure Sockets Layer (SSL) protocol, and is the first line of defence (security layer/protection) used by all customers accessing Servers and Services from a public network. Infrastructure Level focuses on IT Infrastructure by employing the protection mechanisms such as firewalls, routers, access control lists coupled with advanced access control mechanisms such as IAM or identification of trusted devices using our services, and a mixture of AWS products and services.
There are several components of User Level security that ensure confidentiality of information sent across the Internet. SSL (HTTPS) is the most commonly used secure protocol that allows a user’s browser to establish a secure channel for communicating with server. SSL utilizes highly effective cryptography (RSA 256 bits) techniques between user browser and server to ensure that the information being passed is authentic, cannot be deciphered, and has not been altered en route. SSL also utilizes a digitally signed certificate which ensures that you are communicating with the actual Server and not with a third party trying to impersonate or intercept the transaction.
We host our infrastructure on AWS Global Cloud Infrastructure. The AWS Global Infrastructure is built for performance, amongst other attributes. AWS has compliance certification for compliance ISO/IEC 27001:2013, 27017:2015, and 27018:2014 standards. These certifications are awarded by independent third-party Certification Bodies. Our instances at AWS infrastructure are securely monitored 24/7 to help ensure the confidentiality, integrity, and availability of data stored on various servers. Alongside security, AWS infrastructure has the highest network availability compared to any other cloud provider. AWS Elastic Compute Cloud - one of the core products from AWS we use - ensures multiple levels of security such as OS of Host instance, OS of Guest instances, firewall, Access Control Lists, Inbound/ Outbound source IP binding and signed API calls. AWS EC2 ensures Data / Infrastructure Protection not only from external unauthorized activities but also from internal different instances without sacrificing flexibility needs of a user.