Qostodian Data Security Platform
PRODUCTS
Ready to eliminate your blindspots?
By Coverage
By Industry
Discover the power of Qostodian!
Latest news posts
Interested in working for Qohash?
Data security is at the heart of Qohash’s mission: our customers trust us with their most sensitive information. We build security into every part of our business so you can rest assured that your data is safeguarded.
We obtain industry-accepted attestations to give you assurance that our practices are best in class.
ISO 27001 is a global standard for managing information security, ensuring organizations systematically protect their sensitive information.
Available upon request – ask our sales team for details.
SOC 2 is an audit report from the AICPA that focuses on controls relevant to security, availability, and confidentiality at a service organization.
SOC 3 is a general use audit report that focuses on controls relevant to security, availability, and confidentiality at a service organization.
Security, availability and confidentiality services.
The best security tools offer a standard set of essential features that are non-negotiable. Our commitment to secure defaults means that all the following features are included at no extra cost.
Qostodian tracks data, not files. Data is identified by its hash, and none of it leaves your premises without being encrypted using keys that only you control.
Your data and resources are completely separated from other customers in every data store. We prioritize strong isolation to ensure the protection of your data, reducing any risk of unauthorized access or disruption from other tenants.
Every tier includes SSO access, allowing users to log in using their existing corporate identity. Multi-factor authentication (MFA) is always enforced.
RBAC allows access levels to be based on specific roles, ensuring users have the appropriate permissions for their responsibilities. Qostodian also offers the ability to create custom roles, helping you to align with the principle of least privilege.
Qostodian simplifies user management by integrating with Azure Active Directory (AD). User identities are synchronized, reducing the administrative burden of removing inactive users.
Access to each tenant on the platform is always restricted to a list of known IP addresses, helping you to reduce your attack surface and prevent unauthorized access.
Comprehensive activity logs capture sensor management, administrative, and platform configuration changes. By default, these logs are protected against deletion to ensure non-repudiation. You can easily retrieve audited events from a GraphQL API for integration with your log management tools.
Qohash believes that strong security starts with its own practices. We have implemented a standards-based security framework that encompasses every aspect of our operations, from development to deployment and ongoing maintenance. Our commitment to security is reflected in our continuous investment in industry-leading practices, robust processes, and regular training for our team to ensure that we stay ahead of the evolving threat landscape.
Qohash prioritizes resilience as a core value, fostering a culture of awareness, responsibility, and vigilance among all team members. We promote security best practices and ensure that security considerations are embedded in every aspect of our operations.
We follow a robust DevSecOps approach, integrating security practices into the entire software development lifecycle. This enables us to identify and address security vulnerabilities early on, reducing the risk of potential threats and ensuring the security of our product.
To ensure the effectiveness of our security measures, we engage in regular external verification processes. We collaborate with independent security auditors and experts who evaluate our systems, processes, and controls to validate the security of the platform.
Qohash is committed to a process of continual improvement to enhance the security of our products and maintain a proactive stance against emerging threats. We regularly assess our security practices, conduct risk assessments, and stay up to date with the latest security trends to ensure that our customers’ data and systems remain protected.
We appreciate any effort to discover and coordinate the disclosure of security vulnerabilities. If you would like to report a vulnerability in one of our products or services, or have security concerns regarding Qohash systems, please email [email protected]. It is important to note that any unauthorized testing, including attempts to degrade or intentionally harm the Qohash service, is strictly prohibited. Such actions will not be tolerated, and we reserve the right to take legal action against individuals engaged in such activities.
To support a timely and effective response to your report, please include any of the following: