Kwanti enforces strict policies for data security and privacy, including:
- Continuous monitoring of network activity and daily review of data access logs. Accounts are automatically locked if suspicious activity is detected.
- Using strong encryption when transmitting information and for data storage.
- Two step authentication. To enable, please sign in to your account and select Security->Additional Security
- Our servers are located in a SSAE 16 type 2 certified datacenter with 24x7 security staffing and biometric scanner access. Access to sensitive data is restricted to authorized employees.
- Kwanti conducts background checks on new employees. The checks include criminal and employment verifications.
- Servers are actively maintained and continuously updated to the latest supported versions of system packages. Server protection include firewall, brute force protection, malware scanning.
- Vulnerability assessment and penetration testing are conducted on a regular basis by a an external audit company.
- Kwanti is PCI-DSS compliant. PCI-DSS is a standard covering protection of customer account data.
- Kwanti supports DKIM (Domain Keys Identified Mail) and DMARC (Domain-based Message Authentication, Reporting & Conformance) for signing outbound emails.
For best protection we advise using a strong password, if possible different from passwords used on other websites, and enable two-step authentication.