Security

Your company data and the data of your customers are invaluable. As an online service provider, we understand that like no other. Our security experts pay constant attention to the security of your entire platform.To prevent risks, we pay continuous attention to security by applying fully managed security measures on different levels. This strategy is called 'defense in depth'. The principle of defense-in-depth is that layered security mechanisms increase security of the system as a whole. If an attack causes one security mechanism to fail, other mechanisms still provide the necessary security to protect the system.



security: defense in depth

Our approach

Ksplice

To prevent downtime by the use of Ksplice, a product provided by Oracle. Oracle makes it possible to implement security patches on Linux kernels without the need to reboot.

24/7 Updates

We make sure your operation system and software are updated 24/7, this way you are always protected against the latest security risks.

Principle of least privilege

We work with the principle of least privileges, applied to user accounts, programs, processes and servers, maintaining your infrastructure security. We employ white lists, for instance to access privileged interfaces.

Specific security checks

Almost all security risks are prevented by our updates and 24/7 monitoring. However, may a specific thread can pose a risk, like a brute force attack on WordPress, our monitoring will alert us the same second. Our team will directly carry out specific security checks and block offenders.

Managed Firewalls

We make sure you are protected from unauthorized connections by using firewalls that are fully managed by our team. What makes a big difference in the level of security we are able to offer, is our extreme automation. For example, once we signal an IP trying to hack one customer we do not just block it on that server, but we deploy this for all our customers. This way we can prevent a lot of security threats.

Encryption

We use certificates as much as we can, for instance public key encryption. If there is a need to use passwords, we make sure they are encrypted. We deploy extra encryption in consultation with our customers. For example, we can order, install and extend SSL certificates for our clients.

VPN

A VPN (Virtual Private Network) adds security and privacy to point to point connections using public networks. Data connections are encapsulated by encryption protocols which enables secure tunneling. Integrity checks ensure that no data is lost. We can set up a VPN, based on your specific wishes.

24/7 Monitoring

We monitor all the platforms under our care 24/7, including on points concerning security. The most critical services are checked every second. The moment our monotoring picks up on something we instantly receive an alert so we can actively prevent incidents as much as possible.

Audits

If you would want to run a security audit by a third party, this is no problem, we will support you if necessary.

Proactive security advice

We make sure we have optimal security on our end of things by applying defense in depth. In addition to that, we give free advice about the best ways you can make sure that the applications that you manage are as secure and safe as possible.

Wordpress

Because of its popularity, WordPress and its plugins can be a regular target for attacks. Although the responsibility for managing and updating Wordpress and the used plugins lies with our clients, Kumina offers extra measures that can be employed through additional services to further harden security.

Redundant set-ups and back-ups

All our set-ups are redundant, this way you will always have a working back-up server. We also make make sure you do not have to worry about any data loss with our daily back-ups of your data. They are stored for 30 days in a geographically separated location from your production environment.