Security and Privacy

Katmai is a cloud-based solution, hosted by AWS data centers that hold certifications such as ISO 27001 and SOC2. For further details on compliance, please explore AWS Security and AWS Compliance.

Our application servers are located in North American and Europe, but are accessible from around the world via the internet. 

We are currently in development for country-specific hosting for companies who have more stringent data sovereignty needs. 

We continually monitor and assess our service performance and use automatic alerts to ensure prompt responses to service disruptions.

Katmai's code undergoes auditing and peer review prior to being deployed on production servers. 

We are in the process of publishing a public uptime monitor. 

Uptime and reliability is a key focus, given that many companies run their real time communications on Katmai. 

Katmai continually improves our platform through feature additions, bug fixes, and  performance enhancements multiple times per month.

Our development cycle includes stage and testing environments, peer review, dedicated QA, soaking on beta servers, and multiple approvals before being deployed to production. 

Production data is kept separate from development environments. 

We work regularly with third party companies to conduct Pen Tests, such as Rapid7 and Synopsys.

Katmai's standard product offers username + password authentication, as well as Google SSO. 

Our Enterprise product offers Identity Provider Integration for managed onboarding, off-boarding, and administration. 

We currently support Amazon Federate, and are building support for Okta, Azure, Office365, and others. 

The audio and video conversations and associated data is secured with encryption both while in transit and at rest. All connections Katmai's services utilize encryption and are provided through SSL/TLS. The Services are only accessed through HTTPS. 

The PII gathered is First Name, Last Name, and Email.