Move Beyond Compliance

Security From Ground to Cloud

KLASH makes compliance easy. Automatic security checks, encrypted data and custom key generation gives you security way beyond the recommended requirements.

We host the KLASH platform on Microsoft Azure, which provides multi-layered security across physical data centers, infrastructure, and operations. Microsoft invests $1 billion yearly into protecting the Azure infrastructure and has thousands of security experts that actively monitor the safety of your content.

Automatic encryption and prevention of DDoS attacks, hardware and firmware protection by constantly re-evaluating code and failure prediction enabled by machine learning are just a few of the means to keep your content safe.

Lock It in a Vault and Re-Generate the Key

KLASH supplies customer managed keys for encryption of data besides the default encryption done in Microsoft Azure Storage. Customer managed keys puts you in complete control of the key generation, either create your own and store them in a key vault or use the Azure Key Vault APIs to generate them.

Trusted Partner Network Best Practices

KLASH strictly follows the guidelines of the Trusted partner network created by the Motion Picture Association of America (MPAA) and the Content Delivery and Security Association (CDSA). These guidelines prevent leaks, breaches, and hacks of pre-released, high-value media content.

Still Not Convinced?

If you want a full review of how we work with security, reach out to us and we’ll send you a copy of our Information Security Management System (ISMS). The ISMS includes:

- The business’s incident management process regarding detection, handling and traceability

- An example of how we would handle a major security-related incident The information classification model

- How we evaluate personnel and consultants that work with your account

FAQ

How does KLASH ensure data is unreadable by cloud service providers?

KLASH uses Microsoft Azure Storage as our cloud service provider. Azure encrypts all data stored at rest - protecting against malicious intent. By default, Azure encrypts data with Microsoft-managed keys.

How do you manage application security risks?

KLASH handles application security risks by rigorously adhering to the Trusted Partner Network guidelines created by the Motion Picture Association of America (MPAA) and the Content Delivery and Security Association (CDSA).

How do you test for security vulnerabilities?

We do regular security tests on the platform, where we check installed dependencies for security vulnerabilities and security issues in the code. We also use two-factor authentication technology - which has built in vulnerability testing.

Are you ISO 27001/20000 certified?

No. But we’ve built our information and IT-security standards on the concept of ISO 27001/20000 and an ISO 27001/20000 certified consultant has implemented these standards.

Do you have a vulnerability management process?

Yes. We use tracking tools from Microsoft Azure and Sentry for error reporting, management and tracing. The servers are on virtual networks and allow minimal external access.

Is Microsoft Azure safe?

Absolutely. Microsoft invests $1 billion yearly into security, which includes protecting the Azure infrastructure. With over 3,500 cybersecurity experts, of which hundreds are specifically tracking weaknesses daily, we can definitely vouch for the safety of the storage solution.

Do you process data outside of the EU/EEA?

Not if you don’t want us to.

Do you support Multi Factor Authentication (MFA)?

Yes.