Khamelia Integrated Security

Security is very important to everything we do at Khamelia. From our internal processes, to the way we develop our products from the ground-up, with security front-and-center. We understand our customers’ concerns when it comes to security. And in today’s day and age, these concerns are very warranted. With that in mind, we architected the Khamelia Business Software Suite around the latest security standards and recommendations, and we added our own based on our decades of experience. Thus, from the login process to user account setup, you will see that security is our main focus. Our competition has added security to their products as an afterthought. Not us, we at Khamelia focused on security first, and how the various modules and features can be built around our stringent security requirements. So we did not depend solely on the Microsoft Azure security, which is Best-in-Class, but we also added our own layer on top of that, to ensure an added measure to a safe and secure experience.

Khamelia Security

Khamelia Software, Inc. has developed our Khamelia.NET Security Framework to continue to provide an additional level of security for all our clients. The Khamelia.NET Security Framework consists of standards and practices applied to our architecture and code that form a multi-tiered approach to safeguarding data integrity and confidentiality at the interface and database level, as well as infrastructure and network stability. This Security Framework also embeds best practices for industry compliance through internal review and audits to maintain the most up-to-date security practices and protocols.

Keeping our customers' data secure is core to our product development and testing processes, our customer service practices and our vetting of technology partners. In other words, security is built into the fabric of our Khamelia Cloud solution so that you can rest assured that your data is safe.

Keeping our customers' data secure is core to everything we do.

About Khamelia.com

Khamelia is a leading project management and work collaboration software-as-a-service (SaaS) platform. The simple yet powerful online project management tools enable teams throughout the enterprise to plan, track, monitor and report on tasks and projects in real-time.

Session Time-Out

To secure user accounts, Khamelia enables an application sign-out after extended periods of inactivity. Once a session has timed out, users must re-login to their account.

Auto-save

Auto-save is implemented across the application automatically. So once a setting change is made, that is saved for the user automatically. That goes for any fields that are updated within Khamelia. We do not offer auto-save to uploaded documents by our customers.

Forms Authentication

All Khamelia users are required to have a unique ID and password. Administrators in Khamelia business accounts manage and control individual user security and permissions, including adding or subtracting user licenses.

Credentials are submitted through secured communications port (HTTPS/443) in order to establish a secure connection with the Khamelia cloud. Users are not required to download or install software to access data or projects. We recommend the following browsers: Google Chrome, Microsoft Edge, and Mozilla Firefox.

Secure Password Policy

The secure password policy governs the creation and protection of the user’s account data. Every Khamelia user must have a unique account ID and password in order to access the service. Passwords are passed through to the web server and browser to the Khamelia.NET framework through a hypertext protocol secured connection (https), an industry-standard encryption protocol.

Account Lockout

As an added measure of protection against brute force attacks, Khamelia initiates an account lockout policy. After numerous unsuccessful login attempts, the account will be locked.

Security & Testing Processes

Defined application security processes are embedded into every phase of Khamelia's software development life cycle (SDLC). Our team:

1. Researches and adopts SaaS & Cloud Infrastructure security best practices
2. Regularly conducts security reviews of architecture, new features, integrations and cross-platform solutions
3. Conducts manual and automated source code reviews for vulnerabilities and code quality
4. Performs regular reviews and assessment of pre-production environments

Encryption

Khamelia uses 256-bit SSL encryption to safeguard customer data and our sites are protected by 2048-bit certificates. All data between the user browser and the Khamelia cloud is established through an HTTPS connection. This connection encrypts the communication and secures the web server identity.

Password Storage Encryption

All passwords stored on the Khamelia cloud servers are encrypted using an industry-standard cryptographic safeguard to deploy additional layers of security.

Cloud Product Security

Security is built into the fabric of our Khamelia cloud solution. We employ numerous controls to safeguard your data including encryption in transit and at rest across our Khamelia cloud services, external vulnerability research, and more.

Security operations and best practices

Our dedicated security team approaches security holistically with our Khamelia.NET framework. Security threats are prevented using our third-party firewall detection and prevention services, secure software development practices, and industry-accepted operational practices.

Platform and network security

We perform rigorous security testing including threat-modeling, automated scanning, and third-party audits. If an incident occurs, we resolve the issue quickly using our security incident response practices and keep you informed with real-time system status.

Availability and continuity

We maintain high levels of availability with multiple geographically diverse data centers and robust Disaster Recovery and Business Continuity programs. Physical access to our data centers is strictly controlled with comprehensive security measures by our data center hosting partners.

Key security offerings

Here's a look at some of our most significant and highly requested security features.

1. Data encryption in transit - all data sent between our customers and applications is encrypted in transit using Transport Layer Security (TLS) with Perfect Forward Secrecy (PFS).
2. Data encryption at rest - data drives on servers holding customer data and attachments in Khamelia Software Cloud and the Khamelia.NET Framework use full disk, industry-standard AES-256 encryption at rest.
3. Organization audit logs - with an Khamelia.NET access subscription, organization admins can track all user and group management changes across their organizational data within the Khamelia Cloud.
4. Session duration management - to increase security, admins can limit how long their users are signed in to the Khamelia cloud. When a session duration is set, users will have to sign back in periodically.
5. Device visibility - organization admins can view the devices that are accessing their organization within the Khamelia Cloud.

Get more visibility into our cloud platform roadmap

We're committed to providing visibility into our upcoming security, compliance, privacy, and reliability releases wherever possible.

Our partners

We work with industry leaders in the SaaS Cloud provider services space to help you streamline access management and hosting services.