Effective: 28th of January, 2019
Security is one of the biggest considerations in everything we do. If you have any questions after reading this, or encounter any issues, please let us know.
Klaus forces HTTPS for all services using TLS 1.2+ (SSL), including our public website and our app, to keep your data safely encrypted in transit. Your data is also encrypted at rest with LUKS.
- We harden our servers with additional security measures, like making sure restrictive firewalls are configured and login is only allowed in a secure manner
- Access to our servers is tightly controlled and we keep audit logs of all issued commands
- We regularly patch and update the software we run & we do periodic scans to find out-of-date software
We use HSTS to ensure browsers interact with Klaus only over HTTPS. We use various other HTTP security headers to keep our network traffic as restricted as possible.
Klaus employs and develops security-aware people. We demand MFA from our employees for all external services where possible, use a password manager for both personal passwords and secret management.
Account and data security
In addition to the work we do at the infrastructure level, we provide Account Administrators with additional tools to limit their users' access to Customer Data via role management. You can also configure Klaus to never store sensitive Customer Data - we provide the option to mask out any contact details (e-mail, phone number), the client's name and their bank credentials. That way nothing sensitive will rest on our side.
Deletion of Customer Data
Klaus provides the option for an account owner to delete Customer Data at any time via removing the Support Desk integration. Klaus then hard deletes all information from currently-running production systems (excluding account, team and ticket internal IDs, embedded in URLs in web server access logs). Klaus services backups are destroyed within 14 days.*
If you have additional questions regarding security, we are happy to answer them. Please write to firstname.lastname@example.org and we will respond as quickly as we can.