Notes on data security for the KENEXOS® platform

Where is my data located?

Our contractual partner is Amazon Web Services (AWS) GmbH in Frankfurt. All data is stored on servers within Germany and therefore processed in accordance with applicable German law.

Is my data sufficiently protected?

The AWS data centers are protected against both cyberattacks and physical access in a variety of ways. This includes the selection of the location, precisely controlled employee access to the entire infrastructure, monitoring of possible environmental influences such as water ingress, redundancies and state-of-the-art firewall concepts.

You can find more detailed information on this at https://aws.amazon.com/de/compliance/data-center/

Is the technology behind KENEXOS® also safe?

KENEXOS® uses PostgreSQL as its database system, which is hosted on AWS EC2. All databases are located in the so-called “demilitarized zone (DMZ)”, a protected area that is free from direct access from the Internet. With our Advanced version, you also have the option of selecting a single, encrypted database for even more security.

Files such as documents and image data are stored in a separate storage, the so-called AWS S3 bucket.

Detailed information on the security mechanisms of EC2 and S3 can be found at

https://docs.aws.amazon.com/de_de/AWSEC2/latest/UserGuide/ec2-security.html and at

https://aws.amazon.com/de/s3/security

What about external access to data in KENEXOS®?

Communication with KENEXOS is only possible with SSL encryption, as is the use of the REST API. A bearer token is required to use the REST API, which is only available after successful user authentication.

Further details and information on data protection can be found in our privacy policy.