 |
 |
 |
 |
 |
 |
  |
Security
Klir's Secure Architecture At Klir Technologies, security is a top priority. Building on our collective experience at some of the most heavily utilized sites on the Internet — including Amazon, MSN, Expedia and Real Networks - we have employed industry best practices to ensure your data and identity remain private and secure. Klir Appliance Klir leverages a software appliance deployed at a customer's location to collect, encrypt and securely transport data from monitored devices inside your firewall. From the Klir Appliance to the Klir Data Center, all data is secured using SSL/TLS authentication and encryption. Authentication is bi-directional, utilizing RSA 2048-bit X.509 certificates. Encryption is negotiated to 256-bit AES (Advanced Encryption Standard). Klir Interface To access data, customers log in through a secure Web interface, or https authentication, using 1024-bit X.509 certificates and encryption negotiated at up to 256-bit AES encryption, depending on the specific browser. The login or the entire session may be encrypted — either way, users are required to authenticate using a unique user name and password combination. Passwords are stored securely via secure hash algorithm (SHA), so no administrators or backend database administrators have access to stored passwords. Klir Managed Service The Klir Analytics managed service platform is secured with a combination of internal policies and network security measures. Rights management is restricted to the services and people that need it, and the entire platform is architected with 100% failover and redundancy at every layer on the stack. All data is backed up and archived regularly. Klir Data Center Limited access to the Klir Data Center ensures that the application servers are safeguarded inside a telecommunications-grade facility. Network security measures include the following: redundant commercial-grade firewalls, network address translation (NAT), IP masquerading (IPMASQ, which makes all data appear to be coming to and going from the same IP address), and non-routable IP addressing. The Klir Data Center is located inside a tier 1 telecommunications facility, which limits physical access to Klir's production environment. Physical security measures include continuous, manned security, biometric scanning, surveillance cameras, the KeyTracTM system and cardkey access. The Klir Data Center also employs redundant routing, smoke and particle sensors, dry pipe and sprinkler heads, and heat sensors to proactively identify and avoid events that could interrupt service. Klir regularly engages in internal security reviews and is constantly seeking to improve internal processes and procedures. If you have security questions, contact us directly at support@klir.com or 206-902-2054. |