Security Profile Overview

Contact Us

Visibility

KeyCloud helps you prioritize risks and expedite remediation of vulnerabilities. A lack of visibility and control makes you vulnerable to security breaches and financial loss. The question is no longer if you’ll be breached, but when. KeyCloud helps you find, fix and secure endpoints through real-time visibility, scalability and ease of use:

  • Visibility: mitigate threats by discovering endpoints you don’t even know exist.
  • Scalability: multi-platform support of over 90 different operating systems lets you manage 250,000 endpoints all from a single server.
  • Confidence: gain confidence knowing that your endpoints are successfully patched on the first pass.
  • Speed: blazing fast deployments of both software and patches.
KeyCloud Security - Visibility
KeyCloud Security - Prevention

Multi-Method Prevention

Instead of using outdated traditional antivirus, KeyCloud uses multi-method prevention. This method provides a proprietary combination of malware and exploit prevention methods that pre-emptively block both known and unknown threats. Threat actors rely on the following two attack vectors to compromise endpoints:

  • Malware: a self-contained malicious executable that is designed to perform nefarious activities on the system.
  • Exploits: weaponized data files or content that are designed to leverage software flaws or bugs in legitimate applications to provide an attacker with remote code execution capabilities.

Network Security Management

KeyCloud’s Network Security Management solution enables you to control your distributed network of firewalls from one central location. From a single console you are able to view all of your firewall traffic, manage all aspects of device configuration, push policies and generate reports. The benefits include:

  • Streamlined Policy Management
  • Simplified Operations
  • Unparalleled Network and Threat Visibility
  • Flexible Deployment Options
KeyCloud Security - Management
KeyCloud Security - DDoS

DDoS Attacks

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. These attacks target a wide variety of important resources, presenting major challenges for people trying to publish and access important information. Types of attacks include:

  • Traffic Attacks: traffic flooding attacks send a huge volume of TCP, UDP and ICPM packets to the target. Legitimate requests get lost and these attacks may be accompanied by malware exploitation.
  • Bandwidth Attacks: this attack overloads the target with massive amounts of junk data, resulting in a loss of network bandwidth and equipment resources and can lead to a complete denial of service.
  • Application Attacks: application-layer messages can deplete resources in the application layer, leaving the target’s system services unavailable.

KeyCloud’s security solutions help battle and prevent all types of DDoS attacks.

Penetration Testing

KeyCloud’s penetration testing analyzes a computer system, network or web application to find vulnerabilities that an attacker may exploit. The process includes gathering information about the target, identifying possible entry points and reporting the findings. Some penetration testing strategies include:

  • Targeted Testing
  • External and Internal Testing
  • Blind Testing
  • Double Blind Testing
KeyCloud Security - Penetration
KeyCloud Security - SOC Service

Regulatory Compliance

SSAE 18 Soc 1, Type 2

SOC reports consider controls at a service organization relevant to user entities’ internal control over financial reporting.  SOC reports are prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No. 18, which reports on controls at service organizations like KeyInfo, and are specifically intended to meet the needs of client’s management and their auditors as they evaluate our controls on financial statement assertions. These reports are an important evaluation when clients need to consider financial reporting compliance laws and regulations such as the Sarbanes-Oxley Act. KeyInfo’s independent auditor’s SSAE No. 18 Soc 1 Report for data center and cloud services was prepared in accordance with the AICPA SSAE No. 18 and IAASB ISAE 3402 Standards and is available for review. Please contact us for more information.

HIPAA Compliance

A growing number of healthcare organizations and their patients rely on KeyInfo’s KeyCloud services to process, store, and transmit protected health information under the HIPAA compliance guidelines.

KeyInfo enables covered organizations and their business associates subject to the U.S. Health Insurance Portability and Accountability Act (HIPAA) to feel confident with KeyInfo’s Data Center and the KeyCloud environment to process, maintain, and store protected health information within the guidelines of HIPAA and HITECH.

KeyCloud Security - HIPAA