Security

Your company data and the data of your customers are invaluable. As an online service provider, we understand that like no other. Our security experts pay constant attention to the security of your entire platform.To prevent risks, we pay continuous attention to security by applying fully managed security measures on different levels. This strategy is called 'defense in depth'. The principle of defense-in-depth is that layered security mechanisms increase security of the system as a whole. If an attack causes one security mechanism to fail, other mechanisms still provide the necessary security to protect the system.



security: defense in depth

Our approach

Ksplice

We use 'Ksplice', a product provided by Oracle, which makes it possible to patch online Linux kernels. This way we are able to implement security patches without rebooting servers.

24/7 Updates

We make sure your operating system and software are updated 24/7, this way you are always protected against the latest security risks.

Principle of least privilege

We work with the principle of least privileges, applied to user accounts, programs, processes and servers, maintaining your infrastructure security. We employ white lists, for instance to access privileged interfaces.

Specific security checks

Almost all security risks are prevented by our 24/7 updates and monitoring. In addition, specific real-time threats (like brute force attacks on Wordpress) are monitored to enable us to carry out specific security checks and block offenders.

Managed Firewalls

We make sure you are protected from unauthorized connections by using firewalls that are fully managed by our team. A big difference in the level of security we are able to offer is due to our extreme degree of automation. For example, IP blocks due to attacks on one customer are deployed to all customers, preventing a lot of security threats.  

Encryption

We use cryptographic access control as much as we can, for instance public key authentication. If there is a need to use passwords, we make sure they are encrypted safely. We deploy extra encryption measures in accordance with our customers needs. For example, we order, install and extend SSL certificates for our clients, set up and administer VPN's, based on your wishes and our advice.  

VPN

A VPN (Virtual Private Network) adds security and privacy to point to point connections using public networks. Data connections are encapsulated by encryption protocols which enables secure tunneling. Integrity checks ensure that no data is lost. We can set up a VPN, based on your specific wishes.

24/7 Monitoring

We monitor all the platforms under our care 24/7, this includes specific checks concerning security. The most critical services are checked every second. The moment our monotoring picks up on something we instantly receive an alert so we can actively prevent incidents as much as possible.

Audits

If you would want to a security audit run by a third party, we do not mind and will support you if necessary.

Proactive security advice

We make sure we have optimal security on our end of things by applying defense in depth. In addition, we provide free advice about the best ways you can make sure your applications are as secure and safe as possible.

Wordpress

Because of its popularity, WordPress and its plugins can be a regular target for attacks. Although the responsibility for managing and updating Wordpress and the used plugins lies with our clients, Kumina offers extra measures that can be employed through additional services to further harden security.

Redundant set-ups and back-ups

Every setup we create is redundant, ensuring you always have a working server. We also provide daily back-ups which are stored in a geographically separated location for 30 days.