<img alt="" src="https://secure.leadforensics.com/779489.png" style="display:none;">

Kim Infrastructure and IT Security Credentials

We understand that trust is earned.

Here’s why IT leaders and CTOs at Fortune 500 companies and fast-growing SMEs trust Kim.

 

1. Platform Hosting and Databases

  • Data Residency: Configurable to meet sovereignty requirements
  • Database: Kim's databases are standardized on PaaS and Azure SQL

2. Data Protection and Backup

  • Data is Secured at Rest and in Transit: Using HTTPS, HMACSHA256, TLS 2.0 access, strict transport
  • Backup: Azure GRS with a two-week backup retention and restore tests performed at least once every 12 months

3. Certificates & Compliance

  • ISO/IEC 27001:2022 Certified Information Security Management System (ISMS)
  • SOC 2 Type 1 Compliance
  • Hosted on Azure Services Certified to: SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27018, FedRAMP, HITRUST

4. Application Hosting and Security

  • Standardized Technical Infrastructure Architecture: Application hosting MS Azure App Services with PaaS
  • SSO Integration: Supports SAML 2.0, OAuth 2.0. Kim assesses OWASP.
  • Role-Based Access Control (RBAC): All platform access is governed through RBAC principles towards site access.
  • Multi-Factor Authentication (MFA): Enforced internally
  • Immutable Audit Logging: At system, user, and API levels
  • Penetration Testing: PEN tests are conducted at least once a year by Nettitude
  • Vulnerability Scans: Vulnerability scans are conducted weekly using Qualys
  • Virus Testing: Kim passes all content through a site hosted version of ClamAV

5. Operational Resilience

  • Uptime Target: 99.9%+
  • Disaster Recovery: Daily backups, cross-region replication
  • DR Testing: At least annually
  • RPO: < 24 hours | RTO: < 8 hours
  • Monitoring: 24/7 security monitoring with Azure-native threat intelligence

6. Incident Response 

  • Kim's Incident Management Policy is documented in its ISO 27001 procedures. This policy covers 'Incident Identification’, 'Detection' and 'Confirmation' through 'Initial Communication' 'Incident/Escalation Managers', 'Investigation' and ' Action’ to 'Incident Containment', Preserving the Evidence' to 'Incident Resolution' Forma (this list is not exhaustive)

7. Why do Fortune 500 companies trust Kim?

  • Proven track record with global deployments over many years
  • Fast, secure onboarding without heavy IT lift
  • Enterprise-grade reliability and resilience
  • Transparent security posture — no black boxes, no hidden risks

When your reputation is on the line, Kim is a partner you can trust.

Request More Information

Schedule a Technical Deep Dive

Get in Touch