Koves Technologies, LLC (“Koves”) is a web and software development company that observes the following standards for data privacy and security.
Koves’ client-specific applications collect customer information for each client, consistent with that client’s needs. Koves does not collect customer information for its own purposes. All confidential information within our sites or applications is captured through SSL-enabled forms. We do not share or sell client or prospect lists.
Secure protocols (Advanced Integration Method (AIM) and 256Bit secure sockets layer (SSL)) are used when connecting to the host servers for coding or file transfers. Development servers are password protected.
Our applications are hosted by a leading hosting firm on a dedicated server. The host firm is dedicated to state-of-the-art data center security, 24/7 monitoring by Internet specialists, 150+ permanently recording video cameras, and a security airlock ensures that only authorized personnel can enter the Data Centre. Backup power is supplied by a bank of diesel generators, and multiple levels of fail-safe provisions ensure uptime.
Our primary development office is in a physically secured building in Chennai, India. Building doors are controlled by locked doors, internal and external security personnel, and biometric (thumb print) scanners into the office suite itself. No confidential client data is stored on site.
All system-level passwords are changed on at least a quarterly basis. All production system-level passwords are part of the InfoSec administered global password management database. All user-level passwords (e.g., email, web, desktop computer, etc.) are changed at least every six months. Where SNMP is used, community strings are changed from the defaults of “public,” “private” and “system” and must be different from the passwords used to log in interactively. All user-level and system-level passwords must be fifteen characters or more, and must not be a word found in an English or foreign dictionary. Secure passwords are never entered into non-secure protocols (ie. ftp) or public terminals.