Kyvos Cloud Data Management and Security
Applies to: Kyvos Enterprise Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace
Kyvos Azure Marketplace Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)
Data Flow
The following figure illustrates the Kyvos Cloud data flow diagram.
Data Backup
Data that need to be backed up, is stored on versioning and replication enabled S3 bucket to increase durability.
When users need to recover data, administrators will select the most recent version or a historical version, as needed. The administrators can then select the files to be restored from the available dates and times. S3 replication uses a secure channel to transmit data from one region to another. On request Kyvos team can enable S3 Lifecycle policy is implemented to move data to low-cost storage for longer retention.
Data Confidentiality
Customer trust is the top priority for the Kyvos team. Kyvos team knows that customers care deeply about privacy and data security.
Kyvos team makes sure that customer content will be stored securely at rest and in transit. Infrastructure also takes necessary care of unauthorized access to or disclosure of content.
Maintaining customer trust is an ongoing commitment. We strive to inform you of the privacy and data security policies, practices, and technologies we've put in place. These commitments include:
Access: Kyvos gives full control to customers to restrict their data and access. Customers can configure read-only access to Kyvos ARN.
Storage: Kyvos only stores customer's metadata and is only accessible using Kyvos Web portal.
Security: Kyvos uses AWS KMS or AWS CloudHSM to store data in encrypted manner.
Disclosure of customer content: Kyvos team does not disclose customer content unless required to do so to comply with the law or a binding order of a government body.
Security Assurance: The Kyvos Support team helps customers use best practices for global privacy and data protection to help them operate securely.
Security monitoring
Cybersecurity threat monitoring describes the process of detecting cyber threats and data breaches. Monitoring is a crucial part of cyber risk management, enabling AWS cloud services to detect cyber-attacks in their infancy and respond to them before they cause damage and disruption.
Kyvos Team is using AWS CloudWatch services to monitor. CloudWatch ingests logs, events, and metrics across Kyvos AWS infrastructure to ensure visibility into the environment.
As anyone who has operated a SIEM knows, having a tool that can aggregate a ton of data and make it accessible to engineers is crucial. Because CloudWatch integrates with Guard Duty and can provide a huge amount of surrounding information, it can also make it easier to troubleshoot security incidents.
CloudWatch also aggregates performance and resource utilization data. Kyvos team would use CloudWatch data to set up autoscaling for infrastructure.
CloudWatch provides a single pane for visibility of Kyvos components logs, events, and other security services.
AWS CloudTrail service enables governance, compliance, operational auditing, and risk auditing of the AWS environment. It helps to monitor configuration changes, account activity, and logs in the environment.
Copyright Kyvos, Inc. All rights reserved.