Security is a crucial component for Reekoh’s success in meeting our customers and partner’s business needs. Reekoh aims for continuous research and improvement in security through investment in security technologies, establishing processes, and relying on its professionals’ expertise to protect the organization and the Customer’s data from bad actors. In the process, the company is also aligning with more industry and regulatory compliance controls as it expands its presence in different regions.
Reekoh utilizes some of the most advanced technology in cybersecurity today to enforce the Confidentiality, Integrity and Availability of Customer’s data processed by our services. When Customer access Reekoh services via HTTPS, Transport Layer Security (TLS) technology protects Customer information while also using our authentication mechanisms and network/data encryption, ensuring that Customer Data is safe, secure, and available only to registered users in Customer organization.
In Reekoh, security tools are running on endpoints, network, and cloud environment where all company data are stored and moving. Our data ecosystem has a different classification, and we protect each according to sensitivity throughout its lifecycle, aligning with our commitment to privacy. Reekoh employs security measures such as encryption and Role-Base Access Control (RBAC) to protect data from unauthorized view and alteration while at rest, In-motion, or in use.
Reekoh protects its assets and employees equally on how it protects customers data. A culture of security and awareness is instilled with every employee upon onboarding to the firm.
Reekoh treats security as an integral phase of our product development lifecycle (S-SDLC). Our development practice considers security as early as the Design Phase through our threat modelling sessions and supplemented with Vulnerability Management (VM), Code Quality Analysis, and Application Security Testing. Furthermore, Reekoh periodically engages with an external security service provider who helps us identify security weaknesses on our product from an external point of view by performing 3rd-party web application security testing to our products.
There is a variety of operating systems on our endpoint ecosystem, which brings complexity to implementing uniform protection for all the assets. Nevertheless, Reekoh invests in security software for our endpoints for proactive detection and prevention of malware, ransomware, and phishing attacks that may compromise our sensitive resources and leak our data.
Reekoh strives to adapt the Zero-Trust model in controlling access entitlements of users and endpoints to our critical resources. With conditional access, user devices must meet the minimum-security requirement before being granted access to our protected resources.
Our product offerings are hosted in Microsoft Azure cloud infrastructure, which is known as one of the leading public cloud hosting service providers. Reekoh relies on Microsoft’s integration of its robust security capabilities with its product and data centers to enforce physical and environmental security. These are evident with several industry standards and regulatory compliance such as ISO 270xx, SOC 1/2/3, FedRAMP, HITRUST, and more.