- Kingland Platform
For operations to continue running smoothly, organizations must have confidence that their data is secure and protected. These highly-regulated organizations need a partner that understands the data complexities of overseeing the business records and financial institutions that run the world. This means the security learning curve of your partners cannot be at the starting line.
We understand that yesterday's security approaches are inadequate. Because of this, we continue to invest more each year to create a set of processes, controls, and technologies that provide multiple layers of defenses against the existing and emerging threats required by Kingland and our clients.
Each year, we test our practices and controls against standards audited by third parties. The National Institute of Standards and Technology (NIST), SOC 2, CMMI Level 5 maturity level, and other cybersecurity programs undergird our robust information assurance environment. Third-party auditors interview our staff and review evidence that our controls are designed effectively and operate effectively.
We attribute our enterprise data security success to many more essential items:
By looking at where our risks are and reducing those risks, we have developed a security roadmap that receives funding and support from our corporate officers and board of directors. See a few of the ongoing security investments below.
Areas of Ongoing Security Investment
According to figures provided by Microsoft, multi-factor authentication (MFA) can block over 99.9% of account compromise attacks. Starting in 2018, we set forth a policy to do MFA on applications, networks, machines, and our facilities. We have implemented MFA to all key information and systems, and we continue to invest in new and improved MFA technologies across the enterprise.
During a recent meeting with our security auditors, they kept asking us, “Do you encrypt this? Do you encrypt that?” One of our senior architects summed it up, “We are adopting an encrypt everything approach. Everything at rest. Everything in transit. Everything.” We take encryption seriously. Our view is that the proper approach is “encryption by default.”
When architecting our platform, we spent considerable time ensuring that the architecture was “secure by design.” We have implemented methods to contain the “blast radius” of attacks through our micro-services architecture, by incorporating new technologies and methods to reduce the probability of successful and long-lasting attacks.
Historically, software teams would scan for vulnerabilities immediately before deployment. The challenge with this approach is that security is always something that does not receive enough attention. We have taken a different approach. We scan our code daily, which allows us to address vulnerabilities without delay.
Over the past year we have refreshed our network with the latest available technologies and re-designed our network using a zero-trust approach. The hardware and software we have deployed allow us to control access based on the user, their job role, the device they are using, how they are connected, and their physical location.
While we have held the United States Department of Commerce Privacy Shield (and previously Safe Harbor) designation since its inception as a program, we have further increased our scrutiny of data privacy practices in light of GDPR. Our view is it is impossible to have privacy without security. We invested in having a third party – TrustArc – do an independent, third party assessment of our Privacy Shield environment, and we have met their exacting standards related to data security and data privacy under applicable regulations.
The above areas are the tip of the iceberg of what Kingland is doing to protect our client’s data and processing integrity. We continually assess our risk posture and threat environment to determine where to invest for time and money in order to protect our clients. We will stay vigilant, laying the foundation for many years of meeting and exceeding our client’s expectations.
It's time for companies to listen to their Chief Security Officer. In 2021, security must be front-and-center. Digital security is no longer a nice-to-have. It is essential to protecting your clients, your business, and your shareholders.Learn More →
Data breaches are not caused by lapses in the cloud's security but instead by sub-optimal security processes and technologies used in the development and maintenance of the application.Learn More →
Think about encryption as a way to protect your house. You can choose to put a fence around your property and as long as no one gets through or around the fence, you could choose to leave everything inside the fence unlocked. Of course, there are people who could get through the fence so you may want to - at a minimum - lock the exterior doors.Learn More →