Khoros Security
We take our commitment to protect your company, employees, and customers seriously. This is why the most trusted global brands with the highest need for regulatory compliance trust Khoros with their data. Our comprehensive security program spans seven core areas, each designed to provide multiple layers of protection.
Security Operations
Khoros implements operational policies for proactive monitoring, data encryption (at rest and in transit), vulnerability management, intrusion detection and prevention, and data retention and destruction protocols. Our security operations center maintains 24/7 vigilance over our infrastructure and applications.
Secure Application Development
Security is integrated robustly within our product development processes. We follow secure coding practices, conduct regular code reviews, and perform security testing throughout the software development lifecycle.
Physical Security
Khoros is hosted on Amazon Web Services (AWS) across US, Ireland, and Australia locations. AWS maintains ISO 27001, SOC 2 Type II, FedRAMP, and FISMA certifications.
Incident Response
Khoros maintains a dedicated Security Incident Response team with established runbooks for rapid management of potential incidents including detection, containment, eradication, recovery, and post-incident analysis.
Business Continuity & Disaster Recovery
Khoros uses AWS infrastructure across multiple geographic locations with multiple availability zones for regional delivery and resilience. Our BC/DR plans are tested regularly.
Risk Management
Khoros conducts in-depth annual risk analyses on critical systems with centralized tracking and remediation protocols across all aspects of our operations.
Third-Party Vendor Management
Khoros establishes contractual requirements for vendor compliance with Khoros security standards. All third-party vendors are assessed before engagement and monitored on an ongoing basis.
Security Certifications
