Security at Kanvamo
We take the security of your data seriously. Here's how we protect your workspace.
Encryption everywhere
All data is encrypted in transit using TLS 1.3 and at rest using AES-256. Passwords are hashed with bcrypt and never stored in plain text.
Infrastructure security
Kanvamo runs on SOC 2 Type II certified cloud infrastructure. We use isolated environments per customer with strict network segmentation.
Access controls
Role-based access control (RBAC) ensures team members only see what they need. Admins can audit access logs and revoke permissions instantly.
Automatic backups
Your data is backed up every hour with point-in-time recovery for up to 30 days. We test restoration procedures quarterly.
Vulnerability management
We run continuous dependency scanning, static analysis, and quarterly penetration tests. Critical vulnerabilities are patched within 24 hours.
Compliance
Kanvamo is GDPR compliant and working toward SOC 2 Type II certification. We offer Data Processing Agreements (DPAs) for all customers.
Additional security practices
- Two-factor authentication (2FA) available on all accounts
- SSO via SAML 2.0 for Enterprise plans
- Session management with configurable timeout
- Audit logs for all admin and data actions (Enterprise)
- IP allowlisting for Enterprise workspaces
- Responsible disclosure program for security researchers
- Annual third-party penetration testing
- Employee security training and background checks
Found a vulnerability?
We run a responsible disclosure program. If you've found a security issue, please email us and we'll respond within 48 hours.
security@kanvamo.com