Knowing this, we at Kreato aimed to provide absolute security to our customers through the measures listed below:
Secured Data Center: We chose Microsoft Azure as our cloud infrastructure provider, as Azure is one of the world's largest and most secure cloud data centers and is compliant with ISO 27001/27002, SSAE 16, PCI DSS Level I and FISMA. With Kreato hosted on Azure, we do not have to think even once about physical security, as concrete measures such as biometric-controlled access, surveillance cameras and multi-factor authentication are in place. There is also nothing to worry about on the network security front, as default security measures such as robust firewalls, intrusion detection systems and anti-virus/anti-malware protection are always enabled. In addition, 24 x 7 monitoring is in place, and Microsoft conducts regular penetration testing to improve Azure security controls and processes.
As the data center is the major component of any enterprise SaaS application's security architecture, we feel Azure is the right choice, given all the security layers described above.
SSL encrypted Access Layer: After the secured data center, the other main area that needs attention is the data access layer. Hence we enforced encryption of all data communication to and from Kreato servers with industry-standard 256-bit SSL encryption, the same level of encryption used by financial institutions to secure online banking transactions, thus making the data access layer as secure as possible.
Enhanced Application Security: With a secured data center and encrypted data access in hand, our next focus was application security. After equipping the application with industry-standard authentication and authorization measures, with role-permission based security to give the right access to the right set of users, we provided distinct sub-domains for each customer for better security. Along with these default security measures, we wanted to enhance application security with the tools below:
- IP Based Access: Our customers can restrict CRM usage by their team members to specific IP ranges if required. This is mostly used by customers who want to restrict CRM usage outside their office premises or specific locations.
- Time Based Access: In some scenarios, restricting access to specific time periods proves to be a safe mechanism for some businesses, hence we enabled time-based access to Kreato. This can be helpful for customers who want to restrict CRM usage after office hours.
- 2 Step Login: This is an enhanced login process in which, at every access, Kreato customers have to enter the authentication code they received on their mobile phone in addition to their username and password. So there is no more security threat on the user authentication part.
Dedicated Database architecture: Here comes the key differentiator in the security layers supported by Kreato. We firmly believed that absolute security is possible only if absolute data segregation happens, and that absolute data segregation is not completely achievable with the shared database model, where all customer data co-exists in the same database. Hence we followed the dedicated database architecture, providing every customer with a dedicated database and thus enabling complete data segregation.
This dedicated database model helps not only with security but also with product customization, allowing more room to customize the data structures as required without any restrictions. It thus proves to be the key differentiator that makes Kreato more acceptable in the small and medium business segment.