This document identifies the baseline security measures, policies and procedures employed at Akita. We understand how important our Customers’ data is and we treat it with respect. We will continually revise this document as we work to improve how we handle security at Akita.
Access control
Each Account has an Account Owner who can control access to the Account by adding and removing users. Akita does not have access to your passwords. With explicit Customer approval, authorized Akita staff can access your account to help you investigate issues you may be experiencing. The ability to access your account is restricted to a specific set of Akita staff and all access is logged.
Backups
Akita backs up customer data daily and retains these backups for 7 days.
Encrypted Data Transport
All applications use SSL for HTTP transport. We will disable support for older encryption standards that are no longer considered strong.
Firewalls
Akita blocks external to any non-essential ports.
Infrastructure
Akita and your data is hosted on Amazon Web Services (AWS). AWS has designed their data center and network architecture to meet the requirements of the most security-sensitive organizations. To ensure and document their security practices, AWS maintains several certifications and adheres to standards including SOC 1, SOC 2, SOC 3, ISO 27001, and PCI DSS Level 1. A thorough description of the security measures AWS has put in place to ensure security can be found at https://aws.amazon.com/security/.
Internal controls
Security is very important to us. Access to hosting infrastructure and customer data is limited to those that absolutely must have access.
Passwords
All Akita passwords are stored using strong, one-way cryptography.
Payment Data
Akita does not store sensitive billing information on our servers.
Security Breach Response
If we detect unauthorized access to our systems, we will notify each of our affected customers within 72 hours providing:
- a description of the events that occurred;
- a list of personal information that was compromised; and
- a list of recommended actions.
Two Factor Authentication
Access to Akita hosting infrastructure is restricted using two factor authentication (2FA).