Security at Khula ERP
Your business data is critical. We employ industry-leading security measures to ensure your information remains protected at all times.
Data Protection
Encryption at Rest
All customer data stored in our databases is encrypted with AES-256. Encryption keys are managed through a secure key management system with regular key rotation.
Encryption in Transit
All communications between your browser and our servers are protected using TLS 1.3. We enforce HTTPS across all endpoints and use HSTS to prevent downgrade attacks.
Multi-Tenant Isolation
Our architecture enforces strict data isolation between tenants at multiple levels: application, database, and infrastructure. Your data is never accessible to other customers.
Access Security
Authentication
We support secure password requirements, multi-factor authentication (MFA), and single sign-on (SSO) integration for enterprise customers. Session management includes automatic timeouts and secure token handling.
Role-Based Access Control
Granular permission controls allow you to define exactly what each user can access and modify. Custom roles can be created to match your organisational structure.
Audit Logging
Comprehensive audit logs track all user actions, including who did what, when, and from where. Logs are immutable and retained for compliance purposes.
Infrastructure Security
Cloud Infrastructure
Our services are hosted on enterprise-grade cloud infrastructure with SOC 2 Type II and ISO 27001 certifications. We utilise multiple availability zones for high availability and disaster recovery.
Network Security
Our infrastructure is protected by enterprise firewalls, DDoS mitigation, intrusion detection systems, and network segmentation. Regular vulnerability scanning and penetration testing are performed.
Backup and Recovery
We take automated daily backups with point-in-time recovery capability. Backups are encrypted and stored in geographically separate locations. Recovery procedures are tested regularly.
Security Operations
Monitoring and Detection
We run 24/7 automated monitoring for security anomalies, suspicious activities, and potential threats. Security alerts are triaged and investigated by our security team.
Incident Response
Documented incident response procedures ensure rapid identification, containment, and resolution of security incidents. Affected customers are notified promptly in accordance with legal requirements.
Security Testing
We commission regular penetration testing by independent security firms, run continuous vulnerability scanning, and operate a responsible disclosure program for security researchers.
Compliance
POPIA Compliance
Our practices are aligned with South Africa's Protection of Personal Information Act (POPIA), ensuring lawful processing of personal information.
GDPR Alignment
For customers with EU data subjects, our practices align with General Data Protection Regulation (GDPR) requirements.
Financial Standards
Our financial modules are designed to support compliance with accounting standards and regulatory requirements applicable to South African businesses.
Report a Vulnerability
We take security seriously and welcome reports from security researchers. If you discover a potential security vulnerability, please report it responsibly to security@khula-erp.co.za.
We commit to:
- Acknowledging your report within 48 hours
- Providing regular updates on our investigation
- Not pursuing legal action against good-faith researchers
- Recognising your contribution (with your permission)
Questions?
If you have questions about our security practices or would like to discuss your specific security requirements, please contact us.
- General inquiries: hello@khula-erp.com
- Security concerns: security@khula-erp.co.za
See also our Privacy Policy and Terms of Service.