Skip to main content
KeenSafe
Legal · Information Security Policy

Information Security Policy

How KeenSafe protects information across the platform, customer environments and the operation of the company itself. Operationalised through ISO 27001-aligned controls, evidenced continuously, and reviewed by the leadership team at least annually.

Effective 2025-01-15·Version 3.0·[email protected]
01

Scope

This policy applies to all information processed, stored or transmitted by KeenSafe — customer data, evidence artefacts, telemetry, source code, corporate information and personal data of employees and contractors. It covers all KeenSafe employees, contractors, sub-processors and third-party partners with access to KeenSafe systems.

Customer-side scope is governed by the customer's own information-security policy and the master subscription agreement; this policy describes KeenSafe's obligations as the processor.

02

Governance and accountability

The KeenSafe Chief Information Security Officer is the named accountable executive for this policy. The CISO reports to the Chief Executive Officer and presents posture to the board on a quarterly cadence.

A documented ISMS (Information Security Management System) operates against ISO/IEC 27001:2022 control objectives, with internal audit and management-review cycles.

03

Security principles

  • Default-deny: access is granted only when justified, by role, under the principle of least privilege.
  • Defence in depth: no single control is relied on for high-impact actions; multi-layer enforcement is required.
  • Production-safe by design: customer-facing operations are throttled, isolated and reversible by platform invariant.
  • Tamper-evident evidence: every action against customer data is logged and cryptographically signed.
  • Continuous validation: KeenSafe applies its own platform to validate its own security posture, continuously.
  • Minimum data: customer data is processed only to the extent required for the service contracted.
04

Identity, access and authentication

  • All employee and contractor access to KeenSafe systems is via a managed identity provider with hardware-backed multi-factor authentication.
  • Privileged access uses a tiered model with just-in-time elevation, recorded session and approval workflow.
  • Production access is granted only to roles that require it, reviewed quarterly, and revoked within 24 hours of role change or termination.
  • Customer tenants enforce SSO (SAML, OIDC) and SCIM provisioning where the customer subscription supports it.
05

Cryptography and key management

  • Data in transit is encrypted using TLS 1.3 with strict cipher policy. Older TLS versions are disabled.
  • Data at rest is encrypted using AES-256-GCM with envelope encryption. Key management is delegated to managed HSM-backed services in each region.
  • Customer-managed keys (BYOK) are supported for enterprise tenants on private and on-premise deployments.
  • Evidence artefacts are signed using long-lived asymmetric keys; signatures travel with the artefact for tamper evidence.
06

Tenant isolation

Customer tenants are cryptographically isolated. Data, evidence, secrets and execution scopes do not cross tenant boundaries. The orchestration plane enforces tenant context at every step in the validation engine.

Multi-tenant SaaS deployments use logical isolation with per-tenant encryption keys. Single-tenant, private-cloud and on-premise deployments add physical isolation. Air-gapped deployments add network isolation.

07

Secure software development

  • Source-code repositories enforce branch protection, mandatory peer review and signed commits.
  • Dependency security is monitored continuously; high-severity vulnerabilities are triaged within one business day.
  • Static analysis, secret scanning and dependency scanning run on every pull request. Build artefacts are signed.
  • Production releases pass security review and require explicit approval from the security team.
  • Pre-production environments mirror production controls; customer data never enters non-production.
08

Monitoring and detection

Production telemetry is centralised in a dedicated SIEM. Detection-engineering content is version-controlled and regression-tested against KeenSafe's own validation engine.

Continuous validation is run against KeenSafe corporate and production environments at the same cadence offered to customers — the company applies its own product to itself.

09

Incident response

  • A documented incident-response plan with named roles is exercised at least twice annually through tabletop or live exercises.
  • Customer notification follows the timelines specified in the master subscription agreement and applicable law (GDPR Article 33, NIS2 incident reporting and sectoral regulations).
  • Vulnerability reports against KeenSafe products are triaged within one business day via [email protected]. Coordinated disclosure programme is published.
10

Business continuity and disaster recovery

  • Production services are designed for region-pair failover with documented Recovery Time Objective (RTO) and Recovery Point Objective (RPO) targets.
  • Backup and restoration procedures are tested at least quarterly. Restore tests include cryptographic verification of backup integrity.
  • On-call rotations cover 24×7 with named escalation paths.
11

Sub-processors and supply chain

A current list of sub-processors is maintained on the Trust Center. Material changes (new sub-processor in scope for a tenant) trigger advance notification per the contractual notification window.

Sub-processors are subject to security due diligence at onboarding and re-reviewed annually. Contractual flow-down of data-protection and security obligations is required.

12

People security

  • Background checks are performed on KeenSafe employees and contractors with access to customer data, subject to local law.
  • Mandatory annual security awareness training; targeted training for engineers, operators and customer-facing roles.
  • Confidentiality and non-disclosure obligations apply to all employees and contractors and survive termination.
13

Policy review

This policy is reviewed at least annually by the CISO and the executive team, and after any material incident, regulatory change or sub-processor change. Material updates trigger contractual notification per the master subscription agreement.

14

Contact

Security questions, vulnerability reports, customer-side security review requests and questionnaire support should be addressed to [email protected]. KeenSafe acknowledges security-related correspondence within one business day.

Document control

This document is informational and does not constitute legal advice. Material changes are versioned and announced. The effective date above governs the version a customer is contractually subject to under their agreement with KeenSafe.

Questions, corrections or requests should be sent to [email protected].