Security Policy.

KitchenOS Cloud Security

Cloud Security Statement

Overview

KitchenOS is the Software as a Service (SaaS) platform designed to host all cloud applications developed and/or managed by Adaptics, Ltd., dba Fresco. All KitchenOS cloud applications are deployed in the Amazon Web Services (AWS) cloud. All KitchenOS server instances deployed in the AWS cloud are provisioned, monitored, and managed by the KitchenOS DevOps team.

Data

All KitchenOS application data is stored in AWS RDS databases, which can only be accessed by the backend Virtual Private Clouds (VPCs). Application files are stored on file servers separate from front-end and back-end servers. AWS RDS databases are automatically replicated between multiple Availability Zones (AZs) for high availability and fault tolerance. Database data is encrypted at rest and continuously backed up for point-in-time restore to alternative instances as needed.

People and Access

Systems-level access to the KitchenOS platform is limited to authorized personnel within the KitchenOS DevOps team for the specific purpose of maintaining and supporting the systems infrastructure. KitchenOS platform systems access is limited to the DevOps team from within specific KitchenOS internal networks, using two-form authentication protocols.

The KitchenOS Support team has limited access to customer application support tools (no direct system or data access) for the specific purpose of replying to customer support tickets. All DevOps and Support personnel with access to KitchenOS platform systems or customer application support tools are subject to annual screening.

The KitchenOS platform is monitored continuously 24x7.

Application Servers

KitchenOS application servers are fully patched Ubuntu LTS instances. All inbound and outbound customer network traffic is limited to 2048-bit SSL/HTTPS protocols. Frontend and application servers hold no customer data, and the frontend servers are kept separate from data and storage servers.

3rd Party Penetration & Application Vulnerability Scans

The KitchenOS platform and applications are tested for vulnerabilities regularly by external penetration teams. The results of these exercises are forwarded to the KitchenOS DevOps team for review and incorporation into future releases.

Certification

KitchenOS SaaS online is hosted entirely in Amazon AWS. AWS data centers are globally distributed and provide zone resiliency, which protects KitchenOS from downtime in the event of a single data center failure.

AWS meets most global, US government, industry, and regional certification standards, including these common certifications:

For more information see AWS Compliance programs.

Backups

Your data is housed in an AWS RDS database, which is a modern, highly available, fault-tolerant, continuously backed up database application. What does this mean? When you use KitchenOS, your data is automatically replicated to multiple data center facilities and backed up in real time, keeping your project information safe and available 24/7/365.

Disaster Recovery Plan

KitchenOS has a disaster recovery plan which includes step-by-step instructions for completely installing and restoring the KitchenOS system. This plan is accessible only to authorized KitchenOS personnel. The plan is not published publicly as there is sensitive information within the plan that may compromise the security of the hosted or cloud environment.

Disaster Restoration

In the event of a complete catastrophe, KitchenOS is prepared to be restored within 12 hours of a total data center failure.

Privacy

We understand the importance of ensuring the privacy of your personally identifiable information. For more information, please see our Privacy Policy.

NOTE: This Security Statement applies to the KitchenOS platform applications. For more information about the KitchenOS platform, please contact us.

Effective as of July 5, 2021.