Politique de sécurité

IDENTITY & ACCESS MANAGEMENT

Any connection to the Kraaft application is encrypted end-to-end with SSL (Secure Sockets Layer) Certificates guaranteeing the integrity of all web requests and ensuring any information is transmitted securely to our servers.

Any access to the Kraaft application (except the access to login and sign up pages) is secured by authentication (email/password, phone or SSO) and every request made by the application to our servers is secured by authentication tokens.

DATA PROTECTION

Data hosting

Our servers and data are hosted on the Google infrastructure. The location is Europe West 1 (Belgium) and Europe West 6 (Switzerland). Security rules are carefully implemented on servers.

Data Loss Prevention policy (DLP)

Our Data is automatically backed up on a daily basis with a 30-day retention period.

Internal protocols and access control

Our platform provides role-based access control (RBAC) features, allowing to set user-specific access and editing permissions for your data. This system enables an access control-based, fine-grained, enforced segregation of duties within an organisation.

SECURITY

Dependency Management

We automatically monitor for any security issues within our source code and infrastructure and apply any patch within 24h.

Best Practices

We protect our web applications by filtering malicious web traffic based on IP addresses, HTTP headers, HTTP body, or URI strings, which allows blocking common attack patterns, such as SQL injection or cross-site scripting. We also have measures to implement DDoS and MITM protection via highly available load balancers and a robust SSL/TLS infrastructure.

Kraaft

Apps mobiles

Nos industries

Travaux publics
@ 2020 KRAAFT SAS