<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1198959024648874&amp;ev=PageView&amp;noscript=1">
Skip to content

Commitment to trust

Protecting customer data is fundamental to our security and privacy program. It influences product design, operational security practices, protection layers, and key certifications. Read below to learn more about our data protection measures.

sky-lock-1 1

Penetration testing

The Kairos platform and end points undergo regular penetration testing, by an independent third-party agency. 
These examinations are conducted at least once a year.

sky-cyber-shield 1

Policies & third-party assessments

Kairos policies also undergo regular assessments that focus on testing the effectiveness of controls implemented to secure the environment by identifying and exploiting vulnerabilities, validating their risk, and providing recommendations for remediation

sky-cupcake 1

Bug bounty program

Kairos has an established Bug Bounty Program, which deploys a large range of security professionals to test new releases.

Frame 55613056

Security software development lifecycle (SDLC) standard

The Kairos Software Development Lifecycle (SDLC) rigorously incorporates comprehensive security measures throughout the platform, encompassing meticulous planning, robust development, and stringent release processes. This holistic approach ensures that security is not an afterthought but an integral part of every stage, safeguarding the platform against potential vulnerabilities and threats.

sky-code-icon

Data encryption

Kairos is built with a strong commitment to security and reliability, adhering to AWS's industry-leading standards. We ensure that all databases within the platform are fully encrypted, providing robust protection for your data at every level.

sky-growing-graph-icon

Data retention

Kairos ensures robust data retention practices by leveraging Amazon AWS infrastructure. The platform adheres to AWS's high standards for data durability, reliability, and security, ensuring that user data is retained safely and efficiently in compliance with industry best practices.

sky-checkmark

Endpoints security

All Kairos endpoints are fortified with robust security measures, utilizing JSON Web Tokens (JWT) to ensure secure and authenticated access across the platform.

sky-name-tag

Single-Sign-On (SSO)

When users connect to Kairos, they use a web browser over an enforced Transport Layer Security (TLS) 1.2 or higher connection. The Kairos platform supports federated access via OAuth 2.0.

sky-gears-icon 1

Business continuity and disaster recovery. 

Kairos has the necessary processes and procedures in place to recover critical functions and return to normal operations promptly. 

sky-man-avatar-3

Personnel security  

Kairos has implemented security controls for all staff. These include third-party security and background checks, ongoing security, privacy and handling of confidential information training. 

Data security

Our efforts to ensure the security of our clients’ data involve a range of proven tactics, third-party audits and certifications, in-depth customer audits, and direct dialog to verify our ability to meet enterprise-specific security demands.

At Kairos, we operate on a shared responsibility model that assigns specific security roles to all parties involved in the aggregation, storage, distribution, and use of enterprise data. In most cases, data responsibility is shared between the clients, a data residency provider, and, as keepers of the integration application, Kairos. Here’s how these responsibilities are typically assigned:

techny-server-hardware-for-data-storage-and-processing 1

Kairos

... controls the flow of data between calendar and business applications. In that role, we’re responsible for the implementation and maintenance of designated encryption protocols, permission-based data access controls, and current regulatory compliance.

Data residency providers

... are responsible for secure data storage. The core Kairos platform is hosted in Amazon Web Services (AWS) data centers in various AWS regions across the United States.
Upon request, Kairos can also be deployed in regional data centers world-wide to meet GDPR or other privacy related legislation.

Clients

... are ultimately responsible for how they gather, retain, and utilize calendar and employee data by implementing and following thorough privacy and security policies – and taking necessary steps to ensure regulatory compliance.

Data recovery

Kairos prioritizes data recovery and resilience through innovative measures:

Implementing an industry leading distributed backup system that ensures multiple redundant copies of user data across geographically diverse locations.

Conducting regular disaster recovery drills to test and improve the platform's ability to quickly restore services and data in various scenarios 

These advanced features demonstrate Kairos's commitment to data integrity and business continuity, ensuring users can always access and recover their valuable information.

Compliance

Kairos undergoes independent third-party audits to verify and certify its security, data privacy, and compliance controls. This process helps meet customers' legal, regulatory, and organizational policy requirements at scale. 

To access reports, certificates, external penetration tests,  please contact Kairos directly for access to the Trust Documentation. 

techny-data-privacy-and-security-on-laptop 1