Governance
Kadoa establishes policies and controls, monitors compliance with those controls, and proves the security and compliance to third-party auditors. Our policies are based on the following foundational principles:Least Priviledge
Access should be limited to only those with a legitimate business needs,
based on the principle of least privilege.
Consistency
Security controls should be applied consistently across all areas of the
enterprise.
Defense in Depth
Security controls should be implemented and layered according to the
principle of defense-in-depth.
Continuous Improvement
The implementation of controls should be iterative, continuously improving
effectiveness and decreasing friction.
Data Protection
Data at rest
All data stores are encrypted at rest.
Data in transit
Kadoa uses TLS 1.3 or higher everywhere data is transmitted over networks.
Data backup
Kadoa backs-up all production data using a point-in-time approach. Backups are
persisted for 30 days, and are globally replicated for resiliency against
regional disasters.
Data Isolation
Kadoa implements strict data isolation to ensure complete privacy between teams and customers:- Complete Team Separation: Each team’s data is fully isolated - no data is ever shared or accessible between teams
- API Scope Enforcement: API keys are strictly scoped to individual teams and cannot access data from other teams
- Isolated Processing: Workflow executions happen in isolated environments with team-level boundaries
- Database-Level Security: Row-level security policies and team identifiers ensure data separation at the storage layer