Enterprise Class Security

We know your simulation models are extremely important to you and your business, and we're very protective of them. Protecting your project data, simulation models and your personal information is our top priority. Kogence complies with the strictest industry standards for security and data protection across every step of the user experience.

We're extremely concerned and active about security, but we're aware that many companies are not comfortable hosting simulation models outside their firewall. For these companies we offer Kogence Enterprise, a version of Kogence that can be installed to a server within the company's network.

  Physical Security

Kogence uses data center that are certified to adhere and conform to highest security standards. All Kogence data centers employ physical security, strict access policies, and secure vaults and cages.

Data center access limited to approved data center technicians

Biometric scanning for controlled data center access

Security camera monitoring at all data center locations

24x7 onsite staff provides additional protection against unauthorized entry

Unmarked facilities to help maintain low profile

Physical security audited by an independent firm

  System Security

Kogence system is setup with industry standard security configuration

System installation using hardened, patched OS

Dedicated firewall and VPN services to help block unauthorized system access

Distributed Denial of Service (DDoS) mitigation services powered by industry-leading solutions

  Operational Security

Kogence uses data center whose operations are regularly audited by independent firms against an ISAE 3000/AT 101 Type 2 Examination standard

Systems access logged and tracked for auditing purposes

Secure document-destruction policies for all sensitive information

Fully documented change-management procedures

  Software Security

We employ a team of 24/7/365 server specialists at Kogence to keep our software and its dependencies up to date eliminating potential security vulnerabilities. We employ a wide range of monitoring solutions for preventing and eliminating attacks to the site.

  Communications

All private data exchanged with Kogence is always transmitted over SSL (which is why your dashboard is served over HTTPS, for instance). All exchange of private data between storage and compute nodes is done over SSH authenticated with keys.

The SSH login credentials used to push and pull can not be used to access a shell or the filesystem. All users are virtual and have no user account on our machines.

  Administrative Controls

Kogence Users and Team Admins control permissions for access, editing, downloading, sharing and executing of projects that they manage. Private repositories are accessible only by you and collaborators that you choose to associate with your repositories.

  File system and backups

Every piece of hardware we use has an identical copy ready and waiting for an immediate hot-swap in case of hardware or software failure. Every simulation model we store is saved on a minimum of three different servers, including an off-site backup. We do not retroactively remove repositories from backups when deleted by the user, as we may need to restore the repository for the user if it was removed accidentally.

We invest heavily on making our machines and network as secure as possible.

Enterprise account customer’s data is stored isolated private storage sstem that is encrypted with keys that only customer has access to. If customer losses the key, data cannot be retieved or restored.

  Employee access

No Kogence employees ever access private repositories unless required to for support reasons. Staff working directly in the file store access the compressed database, your code is never present as plaintext files like it would be in a local clone. Support staff may sign into your account to access settings related to your support issue. In rare cases staff may need to pull a clone of your model, this will only be done with your consent. Support staff does not have direct access to clone any repository, they will need to temporarily attach their SSH key to your account to pull a clone. When working a support issue we do our best to respect your privacy as much as possible, we only access the files and settings needed to resolve your issue. All cloned repositories are deleted as soon as the support issue has been resolved.

  Maintaining security

We protect your login from brute force attacks with rate limiting. All passwords are filtered from all our logs and are one-way encrypted in the database using bcrypt. Login information is always sent over SSL.

We also allow you to use two-factor authentication , or 2FA, as an additional security measure when accessing your Kogence account. Enabling 2FA adds security to your account by requiring both your password as well as access to a security code on your phone to access your account.

We have full time security staff to help identify and prevent new attack vectors. We always test new features in order to rule out potential attacks.

We also maintain relationships with reputable security firms to perform regular penetration tests and ongoing audits of Kogence and its code.

We're extremely concerned and active about security, but we're aware that many companies are not comfortable hosting code outside their firewall. For these companies we offer Kogence Enterprise, a version of Kogence that can be installed to a server within the company's network.

  Credit card safety

When you sign up for a paid account on Kogence, we do not store any of your card information on our servers. It's handed off to Braintree Payment Solutions, a company dedicated to storing your sensitive data on PCI-Compliant servers.