Our Security Practices
Security Practices at GoKid
UPDATED: May 10, 2024
At GoKid we want our users to know that we are handling their sensitive data respectfully, carefully, and with best security practices in mind. Our Data Use and Privacy Policy details how we use the information given to us, while this page explains how we take care to follow secure practices in building and maintaining our technology to protect our users’ information. Below you can find our security practices in Development (related to how we build our apps), Infrastructure (related to how we manage the ongoing use of our apps) and Risk Management (related to how we prepare to respond to potential incidents).
Development
When we look into new features, security is one of our priorities, so we design with standard security practices in mind.
Data encryption and security practices
At GoKid, we prioritize the security of your data by employing standard encryption techniques to protect the information transmitted between your devices and our servers.
Vigilance in Third-Party Library Usage
Prior to any release, we diligently seek out and apply common fixes and updates to ensure the integrity and security of third-party libraries.
Adherence to Authorized APIs Only
We limit the APIs available to developers to mitigate the risk of data breaches and ensure the security of our systems.
High-Level User Authentication
We implement the most common and secure protocol for authentication: OAuth2 with JSON Web Tokens.
Tamper Detection Techniques
Tamper detection techniques are deployed to get alerts whenever someone tries to tamper with our code or inject malicious code into our application’s source code.
Leverage The Principle of Least Privilege (POLP)
The principle of least privilege dictates that code should run with only those permissions that are essential for its functioning and nothing more.
Test & Update Regularly
Testing and updating our applications is an ongoing process that we rigorously adhere to before every release, ensuring the highest standards of quality and security.
Our QA team tests the GoKid apps and our GoKid Connect school solution prior to every release.
Infrastructure
Robust Change Management and Deployment Automation
Our infrastructure is governed by a comprehensive change management process that encompasses source code control, peer code review, logging, and alerts for unusual behavior. All production changes are facilitated through an automated system capable of detecting reliability issues and reverting problematic deployments. This automation empowers us to deploy code safely and reliably to production multiple times per week.
Availability and Disaster Recovery
Since our service is based entirely in the cloud, our disaster recovery plan is based on best practices from Google Cloud Platform for maintaining resiliency in the case of disaster. This cloud-based approach allows us to leverage the robust, scalable infrastructure of Google Cloud Platform to implement a resilient disaster recovery strategy that ensures minimal downtime and maintains data integrity in any situation.
Data Isolation
The code controls are tested before every production deploy. Data processing occurs in containerized environments with limited access to external resources. Services use ephemeral credentials to access data stores.
Network Isolation
GoKid limits external access to network services by running them inside of a Virtual Private Cloud (VPC) and blocking all unnecessary ports from external traffic. Access to our production network is limited to necessary personnel, logged, and secured using multi-factor authentication.
Risk Management
As part of our comprehensive data protection program, GoKid maintains cyber insurance through a leading insurer that provides us with financial and operational resources to respond effectively to potential cyber incidents. Key coverages and services include:
- Expert breach response services including legal, IT forensics, privacy notification, call center, and fraud remediation services to ensure timely support for affected individuals
- Coverage for data stored with our cloud service providers
- Insurance security requirements that reinforce our own safeguards and controls
- Content liability protection for our online platforms
While no company is immune from cyber risks, this insurance reflects our commitment to swift and effective incident response as part of our overall data privacy and security program. In the event of a suspected incident, our team is prepared to mobilize internal resources and outside experts to investigate, respond, and protect our users.
If you have questions about GoKid’s security practices, please email us at support@gokid.mobi.