Data and System Security
KeepShift keeps your data secure
Our Security Commitment
KeepShift provides a platform built to the highest security standards, with a commitment to deliver the best customer experience for owners and users of the platform, ensuring that our customers’ information is kept secure and safe is our highest priority.
Compliance
We ensure our platform meets key industry standards. KeepShift uses a payment gateway that is PCI compliant for handling credit card transactions.
KeepShift monitors our infrastructure using external and internal vulnerability scanning. We perform annual audits and security assessments with independent and globally recognised security assessment firms.
Infrastructure
KeepShift runs on Google cloud infrastructure. We host customer instances regions provided by Google and host your data in the region closest to your business — to streamline performance Securely deliver services to users with speed and reliability—all on Google’s infrastructure.
This is backed up by Googles 99.99% uptime service level agreements to ensure that KeepShift is always available.
Encrypted data and communication
KeepShift uses Encryption both to securely communicate with our users and to store all customer information. KeepShift uses only TLS 1.2 or higher encryption with restricted cipher sets for all website, mobile, and integration communications. On our backend, we encrypt all customer data at rest that is stored within our databases.
Passwords and 2-Factor Authentication
KeepShift provides a variety of options to keep your account secure. In addition to passwords, KeepShift provides 2-Factor Authentication capabilities on every user account using industry-standard one-time codes. For top level security, KeepShift allows you to turn on 2-Factor Authentication (2FA) for yourself and any other profiles under your account. This means that when logging in, you and other users will need to verify the login using 2FA, as well as entering specific username and password
Customer Separation
All customer data is kept logically separate through sharing of database partitions and multi-regional deployment. This ensures that there is no data overlap or loss of data integrity between customers.
User Access
To access the KeepShift system users must enter their unique username and password details into the login page. The usernames and passwords for each user can be controlled by the administrator if required. The login and authorisation of each user is processed over a secure and encrypted connection. At anytime you can also change a user’s security settings, including suspending or removing their access altogether.
Access Roles
KeepShift provides role-based access levels so that employees, managers, and administrators can only view data that is relevant to them. This access can be customised to suit your needs through the KeepShift application platforms
Commitment to Data Privacy
KeepShift is committed to keeping your data private and respecting individual privacy rights and regulations. At all times you retain ownership of all data related to your KeepShift account. If at anytime you discontinue use of KeepShift you can request the removal of all information related to your account from the KeepShift system. You can also request a copy of your database if required.
Please see our Privacy Policy page for more details.
Need more info about security? Please talk to us
KeepShift’s in-house Security Team is dedicated to securing data, protecting KeepShift from threats, and providing assurance to customers. If you have any security questions, please get in touch.