Security

Hosting

Encryption

Customer access of Korbyt is through TLS 1.2 SSL (HTTPS). We do not allow any part of the application to be accessed without TLS 1.2.

Stored data is encrypted at rest (AES256).

Redundancy

Korbyt has distributed data centers in multiple zones and geographic regions for high availability and resilience.

Data Segmentation

All tenant access is controlled through subdomain routing and OAUTH tokens to correctly route tenant users to the correct account.

Customer data is segregated in individual tenant databases to ensure no co-mingling of data.

Backups

Full system backups are done daily.

Access Control/ Security

Secure access is required for office access. Physical data center access only to approved employees.

Platform Security Practices

Penetration tests

The Korbyt team regularly runs the platform code though security analysis and detection tools

Coding

SDLC processes implemented and based on industry-recognized standards to ensure security during all phases.

Training

All employees receive information security and data handling training annually.

Least Privilege Access

Employees are given the least amount of access required to perform their job function.

Dedicated Data Protection Officer

Dedicated employee that oversees company’s data protection strategy and ensures compliance.

UAT Environments

Generated upon request, evaluate and validate before going to production

Service Providers

3rd Party service providers are held to high security standards and vendors are monitored for compliance.

Accessibility (WCAG)

Korbyt Anywhere is compliant with the Web Content Accessibility Guidelines (WCAG) 2.0 level A and AA guidelines.

Incident Response

Automated incident response and resolution tools used to fast track communication should an incident occur.

Infrastructure – cloud, hybrid, on-premises.

Korbyt offers different architectures to meet your infrastructure needs

Breach Prevention

Login Security

Korbyt offers multi-factor authentication (MFA) options for added security when logging in to the platform.

Platform Permissions

The platform supports role-based access control (RBAC), which allows administrators to define different levels of access and permissions for different user roles.

Threat Identification

Intrusion detection and prevention systems in place to identify and evaluate threats as they happen. Korbyt’s security team monitors the platform around the clock for potential security threats or incidents.

Breach Prevention

The platform includes features such as antivirus protection and firewall management to help prevent and detect security breaches.