Khamelia Security Overview
Updated 4:00 PM PST, Fri Sep 11, 2020
We at Khamelia take security very seriously. We developed our Software Business Suite around security, and not the other way around. We have been in the software field for a very long time and the horror stories we heard and the sadness, stress, and pain that we saw others experience has put in us a dogmatic focus on security. In the past the security focus was for the systems admins only. Now, security is the focus from the Executive staff on to the rest of the organization, vertically and horizontally. At Khamelia, security is the focus and responsibility of everyone, and our assumption is that our customers think and operate the same as we do.
Security at Khamelia
Protecting your data
We are committed to the security of our customers’ data and provide multiple layers of protection for the project, company and personal information you trust to Khamelia.
You control access
We encrypt all data that goes between you and Khamelia using industry-standard TLS (Transport Layer Security), protecting your personal and project data. Your data is also encrypted at rest when it is stored on our servers and encrypted when we transfer it between data centers for backup and replication.
Khamelia takes a defense-in-depth approach to protecting our systems and your data. Multiple layers of security controls protect access to and within our Khamelia SaaS environment, building on top of the Microsoft Azure security, including: firewalls, intrusion protection systems (IPS), and network segregation. Khamelia’s security services are configured, monitored and maintained according to industry best practice. We partner with industry-leading security vendors to leverage their expertise and global threat intelligence to protect our systems.
Secure data centers
Khamelia’s servers are located within enterprise-grade hosting facilities that employ robust physical security controls to prevent physical access to the servers they house. These controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits. Microsoft Azure maintains multiple geographically separated data replicas and hosting environments to minimize the risk of data loss or outages.
Khamelia's Security team continuously monitors security systems, event logs, notifications and alerts from all systems to identify and manage threats.
Best in class availability
With a record of 99.97% uptime, Khamelia delivers best-in-class availability. We use multiple redundancy technologies for our hardware, networks, data centers and infrastructure. These ensure that if any component fails, Khamelia will keep on running – with little or no disruption to your service.
Built to perform at scale
Khamelia has been designed to grow with your business. Our high-performance servers, networks and infrastructure ensure we can deliver quality service to you and our hundreds of thousands of other users.
Disaster recovery and readiness
Khamelia performs real-time data replication between our geographically diverse, protected facilities, to ensure your data is available and safely stored. This means that should an unlikely event occur, such as an entire hosting facility failure, we can switch over quickly to a backup site to keep Khamelia and your business running. We transmit data securely, across encrypted links.
Constant updates and innovation
We're constantly enhancing Khamelia, delivering new security features and performance improvements. Updates are delivered frequently, with the majority of them being delivered without interrupting our services and disrupting our users.
Receive Khamelia News & Updates
Your online safety
There are always risks to working and being online. Whether you are shopping, banking, doing your accounts, or simply checking your email, cyber criminals and scammers are always looking for ways to steal sensitive information.
There are precautions you can take to reduce the risks and help keep you safe from harm online. Take a few minutes to read our introduction to cloud security and see information below on how to identify and deal with scams and malicious phishing emails.
Phishing and malicious emails
A phishing email is a favored way for cyber criminals to get access to your sensitive information, such as your usernames and passwords, credit card details, etc. This kind of email may look as if it has come from a trustworthy source, but will attempt to trick you into:
- Clicking on a link that will infect your computer with malicious software
- Following a link to a fake (but convincing looking) website that will steal your login details
- Opening an attachment that will infect your computer
Once you are hooked, the cybercriminal may be able to steal or extort money from you or gather sensitive personal or business information that they can use for other attacks. However, you can protect yourself and your business by being aware of these scams, and by knowing what to look for that may help you identify a malicious email:
- Incorrect spelling or grammar: legitimate organizations don’t always get it 100% right but be suspicious of emails with basic errors.
- The actual linked URL is different from the one displayed – hover your mouse over any links in an email (DON’T CLICK) to see if the actual URL is different.
- The email asks for personal information that they should already have, or information that isn't relevant to your business with them.
- The email calls for urgent action. For example, "Your bank account will be closed if you don't respond right away". If you are not sure and want to check, then go directly to the bank’s website via the URL you would normally use or phone them. Don’t click on the link in the email. The email says you’ve won a competition you didn’t enter, have a parcel waiting that you didn’t order, or promises huge rewards for your help. On the Internet if it sounds too good to be true then it probably isn’t true.
- There are changes to how information is usually presented, for example an email is addressed to "Dear Sirs" or "Hello" instead of to you by name, the sending email address looks different or complex, or the content is not what you would usually expect.
But even if there’s nothing specific you can point, such as the above, you may get the sense that the email may just not feel right. Trust your instincts, and don't get hooked.
If you suspect you’ve received a phishing or malicious email, and it says it's from Khamelia or uses Khamelia’s logo, do not click on anything in the email – please report it by forwarding the email to email@example.com.
Try to avoid a phishing attack by following these rules
If you receive a suspicious email message, make sure you:
- DO NOT CLICK on any link or attachment contained in the email.
- DO NOT REPLY to the email.
- Report the email by forwarding it to firstname.lastname@example.org if it is Khamelia-branded.
- Delete the email.
- Update your anti-malware (anti-virus, anti-spyware) and run a full scan on your computer.
These are just a few of the things to watch out for. There's a lot more information and tips available on the web. You can visit the Scams and Safety site on the FBI.gov website for a broad range of scams, or the FTC website on phishing scams, or other internet scams.
Khamelia's Security Noticeboard is where you'll find updates on known phishing and other scams targeting our community, as well as any recommendations on how to protect yourself from them. We'll also post other security related news from Khamelia on the Noticeboard.
If you have questions about security matters, or notice any unusual activity or emails related to Khamelia, please go to Khamelia's Online Help Center for support articles about security, or to get in touch with our support team at Support@Khamelia.com.
Essential Business Tools
Adaptive Business Intelligence