Security Features

Kore encrypts data and files while in transit and at rest in the cloud. Your messages and emails are encrypted using industry-standard protocols such as HTTPS for transportation and Advanced Encryption Standard (AES)-256 for encryption.

Where is my personal information stored?

Kore Messaging is hosted in the Amazon Web Services™ (AWS) cloud. AWS describes their security and data protection features in the cloud at https://aws.amazon.com/compliance/.

For more information, see the Kore Privacy Policy and Terms of Service.

Features that enhance messaging and account security

The following security features of the Kore Messaging Platform ensure that your Kore data is protected.

Third-party Audits

Reputable experts in the security industry perform periodic security audits on our application on a regular basis. These security experts validate our security practices and ensure that we are always ready to address new vulnerabilities.

User Authentication

By subscribing to a Kore Enterprise plan, an enterprise administrator can configure Single Sign-On (SSO) authentication for users to sign in to Kore. This enables you to leverage any company authentication mechanism that is already in-place. In addition, you can use Kore to authenticate your users based on customized password policies to suit your business needs.

Terminate User Sessions

By subscribing to a Kore Enterprise plan, an enterprise administrator can end user sessions from devices.

If you lose your laptop, tablet, or mobile that you use to access Kore, your enterprise administrator can help you by ending any Kore sessions that were running on the device. By removing data from previous Kore sessions, a Kore login is enforced when anyone tries to access your account.

In addition, if your Team Admin Console session is idle for more than 15 minutes, your session is automatically terminated, and the next action in the session window will require authentication to start a new session.

Pin Lock Access

You can enable pin lock access to the Kore app installed on your smartphone to avoid unauthorized access to your Kore data if your phone is lost or stolen.

On the Kore Messenger Home screen:

  1. Tap your account profile picture on the top left corner of the screen. The Account screen is displayed.
  2. On the Account screen, tap Settings.
  3. On the Settings screen, tap Pin Lock.
  4. On the Pin Lock screen, enable Pin lock. The Set Pin screen is displayed.
  5. Enter and re-enter a pin of your choice to confirm your pin.
  6. Tap Require pin to select a time period after which the app must lock itself and request authorization. 

Message Control

You can use message control policies and templates to control when and where your message is delivered and accessed. You can trace the number of message forwards of your message and recall any message forwarded by recipients of a Kore message. In addition, you can restrict the ability for a user to forward your message.

For more information, see Message Control.

Audit Logging

Both at the enterprise and team level, we log key events triggered by Kore users and administrators. Some examples include login access - successful and failed; all admin actions; and a host of user actions such as adding and removing members from a team.

For more information, see Team Audit Report and Enterprise Audit Report.

 

Incidence Management and Response

Kore takes pride in providing security features to enable secure messaging.

In the event of a security breach, Kore will take immediate measures to report the incident to both the affected parties and law enforcement authorities, if applicable.

Report a Security Vulnerability

If you have noticed a security vulnerability or an incident, then please send an email to privacy@kore.com with the following details:

  • Incident Details
  • Incident Date
  • Incident Occurrence time
  • Incident Reporting time
  • Duration of the Incident
  • Physical Location of the Incident

A security vulnerability or information security incident may include one of the following:

  • Loss of confidentiality of information
  • Compromise of integrity of information
  • Denial of service
  • Unauthorized access to systems
  • Misuse of systems or information
  • Theft and damage to systems
  • Virus attacks
  • Security weaknesses in the computing systems (vulnerability in the computing system, which could be exploited to compromise the Confidentiality, Integrity or Availability of the system)
  • Violations of Kore security policies and procedures

Our security team will immediately take action and rectify any such incident.

Comments