1. Introduction

 

Anitech Solutions (“We”, “Us” “Our”, “The Company”) is committed to protecting the privacy and confidentiality of all data, including personal data, collected or processed during its business operations and Customers interactions with any of our products and services, including, but not limited to “KnowCost” and “KnowActions” whether accessed on a web browser or mobile application. This Cloud Security Statement outlines the principles and practices that govern the collection, use, and disclosure of all data by the Company through the Cloud Services.

 

2. Physical Security

 

Our cloud-based services are hosted in Microsoft Azure and Amazon AWS with data centres located in Ireland. Microsoft Azure and Amazon AWS are two of the leading public cloud service providers, with each providing robust global cloud platforms incorporating strong security practices and high availability.

 

Both Microsoft Azure and Amazon AWS are responsible for the security of their actual data centres and respective clouds. They utilize a range of security featues designed to protect data and applications, that range from physical and environmental security through network security to data privacy and security controls, that comply with numerous standards, such as ISO 27001/27017/27018 and AICPA SOC-2 along with transparency in how security is implemented and managed.

 

Both Microsoft Azure and Amazon AWS are responsible for the security of their actual data centres and clouds. They utilize a range of security features designed to protect data and applications, that range from physical and environmental security through network security to data privacy and security controls, that comply with numerous standards, including ISO 27001/27017/27018 and AICPA SOC-2 along with transparency in how security is implemented and managed.

 

3. Certification

 

Both Microsoft Azure and Amazon AWS have been certified by third-party organisations and manage multiple compliance programmes to comply with laws and regulations.

 

For more information about security at AWS and Azure click the respective name.

 

For more information about compliance at AWS and Azure click the respective name.

 

Anitech Solutions is a partner vendor with Atlassian. To learn more about Atlassian Marketplace Apps Trust Programme click here.

 

4. Data Security

 

Anitech Solutions is committed to maintaining the security and confidentiality of personal data. Appropriate technical, organizational, and administrative measures will be implemented to protect against unauthorised access, loss, or misuse of personal data. Employees, contractors, and third parties who have access to personal data will be trained and required to comply with the Company's data privacy and security policies.

 

We take appropriate technical and organizational measures to protect personal information from unauthorized access, use, disclosure, alteration, or destruction. We limit access to personal information to authorized employees and third-party service providers who need to know the information to perform their duties. We regularly review and update our security measures to ensure they are effective and appropriate.

 

Within Anitech Solutions there are a limited number of people who have access to production environments with the purpose of maintaining our cloud services, with all access to cloud services being monitored.

 

Sensitive customer data is encrypted, segregated and segmented in a multi-tenant architecture, thereby offering the highest assurance that data is stored securely, limiting the risk of data breaches and unauthorised access.

 

All data flows use Advanced Encryption Standard (AES) 256-bit encryption with secure 2048-bit X.509 certification, using SSL/TLS over HTTPS industry standards, whether from browser-based interactions or mobile applications. Any of our REST API’s also leverage this encryption standard.

 

Customers are responsible for maintaining the security of their login credentials. Sign up and registration to any of Anitech Solutions’ products and services, including “KnowActions” is done through OAuth 2.0 authorisation frameworks. For enterprise customers Single-Sign-On (SSO) and federated identify access integrations are available. Secure credentials are promoted through password complexity rules at sign up and registration and account ownership is verified at such times.

 

5. Data Retention and Backup

 

Personal data will be retained for as long as necessary to fulfill the purposes for which it was collected or as required by applicable laws and regulations. When personal data is no longer needed, it will be securely disposed of or anonymised, unless otherwise required by law.

 

All data held in regularly backed up and encrypted following industry standards.

 

6. Privacy

Anitech Solutions understands the importance of privacy of personal data and being legally compliant with privacy laws and regulations. Refer to our Privacy Policy for further information.