Security

Combined Shape

We take your security very seriously.

 

Our Security page details our steps to protect your data and ensure a safe and secure user experience. We know your trust in us is crucial, and we strive to earn and maintain that trust daily. Read this page to learn more about our security practices and how we keep your information safe.

Failover and Disaster Recovery

KLERQ was built with disaster recovery in mind. Our infrastructure and data are spread across two Microsoft Azure availability zones (within the same geographical area) and will continue to work should either of those data centers fail.

 

Encryption

All data sent to or from KLERQ is encrypted in transit using 256-bit encryption. Our API and application endpoints are TLS/SSL only. SSL/TLS certificates are used to secure network communications and establish the identity of KLERQ over the internet and resources on private networks.

 

Password and Credential Storage

KLERQ enforces a password complexity standard and uses OpenSSL encrypt and decrypt to store credentials and sensitive data. The encryption algorithm is specified by the Advanced Encryption Standard (AES).

 

Uptime

We have an uptime of 99.5% or higher.

 

Back-Ups and Monitoring

On an application level, we produce audit logs for all activity. Our Certified Azure Cloud hosts the server logs within Azure. Our database is backed-up every 24 hours.

 

Pentest and Vulnerability Scanning

KLERQ uses third-party security tools to scan for vulnerabilities continuously. In addition, we periodically consult third-party security experts to perform detailed penetration tests on the KLERQ application and infrastructure.

 

Incident Response

KLERQ implements protocols for handling security events. This includes escalation procedures, rapid mitigation, and post-mortem. In addition, all employees are informed of our policies.

In case of a ‘critical incident’ or ‘security breach,’ KLERQ will immediately inform its clients. Furthermore, KLERQ will take all necessary steps to reduce impact and prevent a recurrence.

 

OS Protection

All KLERQ employees are obliged to work with up-to-date operating systems and software. Internal rules around a clean desk, clear screen, encrypted laptops, password managers, 2FA, mobile storage devices, and virus scanners are outlined in the KLERQ Employee Handbook.

 

Physical Security

KLERQ has a set of measures to guard the physical security of its employees and office. These are described in our internal security policy and are reviewed on an annual basis.

 

Confidentiality

All employee contracts include a confidentiality agreement.

 

If you have any questions or concerns, please don’t hesitate to reach out by sending an email to security@klerq.io.

Can’t find your answer?

Feel free to contact us for more information.