Ensuring user data is protected is an integral part of the Kumolus business…
As a result, our processes and practices are intended to keep your security and the protection of any sensitive data at the centre of everything we do.
Kumolus Encrypts Data
Kumolus ensures your sensitive data is encrypted, whether at rest or in transit. Kumolus encrypts data using algorithms on our platform (e.g.SHA-256). Kumolus web connections are secured via 256-bit SSL.
Kumolus follows Strict security and key management procedures
Kumolus employs best practices to keep your sensitive information secure.
Kumolus is a Certified Partner with Amazon Web Services
Kumolus is certified Amazon Web Services Cloud Management Tools partner. The Kumolus products, and solutions have been vetted, validated, and verified by the AWS Partner Competency Program to ensure robust processes and practices are in place (including security).
Kumolus platform is hosted within an AWS Data Center
Kumolus stores data within an AWS data centre facility. AWS Data Centres are ISO 27001 certified with PCI DSS Level 1 compliance and SAS70 Type II. For more on AWS security visit: https://aws.amazon.com/security/
Kumolus Access to Microsoft Azure Accounts
Accessing Utilization Data
Kumolus utilises role-based access rights to collect utilization metrics from the Azure environment and in-turn the Kumolus platform has read-only access to this metric data.
Accessing Cost Data
Kumolus utilises API Access Keys to collect cost data from Microsoft Azure. This is best practice for obtaining cost data. API Keys are uploaded to Kumolus over an encrypted connection. Azure practices require that these API keys to be rotated every 6 months.
Kumolus Access Amazon Web Services (AWS) Accounts
Accessing Utilization & Cost Data
Kumolus utilises role-based access rights for cross-account access which is best practice for granting access. The AWS roles created to grant access to your account are policy based an can be revoked by the customer.