Kitewheel Security

Kitewheel takes the security and availability of our services very seriously. Kitewheel adheres to the SOC 2 Security and Availability Trust Services Principles and is audited by a respected third-party. A SOC 2 report is available on request to existing partners and clients.


Physical Security


All Kitewheel servers are hosted at Tier III+ data centers that are operated at ISO27001 compliance levels. Data center facilities are powered by redundant power, each with UPS and backup generators.

On-Site Security

Our data center facilities feature a secured perimeter with multi-level security zones, 24/7 manned security, CCTV video surveillance, multifactor identification with biometric access control, physical locks, and security breach alarms.


Kitewheel leverages data centers in the United States, Europe, and Japan. Customers can choose to locate their Service Data in the US-only or Europe-only


Network Security


Our network is protected by firewalls, best-in-class router technology, secure HTTPS transport over public networks, regular audits, and network Intrusion Detection and/or Prevention technologies (IDS/IPS) which monitor and/or block malicious traffic and network attacks.


Our physical network structure is designed to have multiple zones based on the security classification of the systems. Public, private and DMZ zones are used to separate the most sensitive systems from those that need to be public internet facing.

Intrusion Detection + Prevention

Kitewheel uses continuous 24/7 intrusion detection monitoring to raise alarms if there is unexpected activity on any of our managed systems.

Vulnerability Scanning

During every release cycle Kitewheel scans the application for known vulnerabilities using up-to-date signature packages. Security vulnerabilities identified are a release gate which must be passed prior to rollout.

Server Scanning

Every server is statically scanned on a regular basis for common vulnerabilities and exposures, security best practices and OWASP recommendations.



Encryption in Transit

Communication between client systems and the Kitewheel hub, both interactive and with the Kitewheel graph API, uses HTTPS and Transport Layer Security (TLS). Kitewheel uses a minimum of TLS 1.2.

Encryption at Rest

All data stored by Kitewheel is encrypted at rest using strong encryption techniques and different keys for development, UAT and production servers. Sensitive information is also encrypted at the value level on insertion to the database.


Availability & Continuity


Kitewheel maintains a publicly available status page at which includes system availability details, scheduled maintenance and other incidents. Customers can subscribe to the status page for real-time alerts.


Kitewheel uses system redundancy, physical separation of systems and network redundancy to eliminate single points of failure. A continuous backup regime means that we can restore our systems quickly on redundant servers.

Disaster Recovery

Kitewheel’s disaster recovery program ensures that our services remain available or are quickly recoverable under a number of circumstances. Disaster recovery exercises are performed at least annually.


Software Development Lifecycle

Security Training

Kitewheel maintains a publicly available status page at which includes system availability details, scheduled maintenance and other incidents. Customers can subscribe to the status page for real-time alerts.


All testing includes automated scanning and penetration tests for security vulnerabilities. These are automatically updated against the most recent known threats. QA staff are trained in code review techniques for security vulnerabilities.

Separate Environments

All software development, testing, staging and performance evaluation environments are distinct from the production environments.


All code is statically analysed prior to commit and during each pull request for potential security vulnerabilities. Each application release is gated on passing an active penetration test. All of the Kitewheel Hub infrastructure is regularly scanned for known vulnerabilities and is monitored 24×7 for intrusion.


Product Security Features

Transport Layer Security

Kitewheel uses the highest level of TLS recommended by the security community. This is currently TLS 1.2 for all external facing interfaces.

Password Policy

The Kitewheel Hub password policy restricts the form of passwords, minimum length and acceptable characters. Password expiry is enforced and re-use of the past five passwords Is not allowed.

Compliance Certification

Kitewheel operates in Line with the SOC 2 Security and Availability Trust Services Principles. A SOC 2 Report is available under NDA for existing customers.

Ready to Start Flexing Your Existing Stack as One Integrated Customer Interaction System?

Tell us a bit more about yourself and we’ll be in touch to schedule a demo!

  • This field is for validation purposes and should be left unchanged.