Agit complies with the highest international security standards.
Agit, which is an online work communication platform service operated by Kakao,
protects and maintains data against all threats by applying security controls at every layer from physical to application.
All data recorded on Agit are encrypted.
Kakao's platform service data including Agit's data are stored separately by each application because the data is valid only within the scope of a specific application. Therefore, the risk of any unauthorized access to other applications is blocked at the source. In addition, Agit maintains SSL/TLS security level A, encrypting all data recorded by users to the DB level.
Enhanced Security for Images and Files
All attachment link URLs are authenticated and encrypted so that image and file attachments in Agit cannot be viewed easily even if they are leaked to outside sources. Uploaded attachments cannot be accessed without user identification. Therefore, the risk of outside parties gaining access to your valuable work information shared on Agit through link URLs is minimized.
Agit data cannot be accessed easily.
Kakao’s physical infrastructure is hosted and managed mostly within ISO 27001-certified data centers in Korea. The data center continually manages risk and undergoes recurring assessments to ensure compliance with industry standards.
Access to Customer Data
All Kakao staff including the Agit team complies with the operating principle that they are not to access customer data or applications, or interact with them, for general operation. Kakao staff do not access customer data unless requested by a certain customer for the purpose of customer service or unless demanded by legal authorities. Furthermore, we are looking for better directions to access and protect customer data through compliance training every year.
Kakao has many years of experience in large scale service and stable physical operation, and this experience has been applied to all Kakao infrastructures. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance other electronic & electric means.
All visitors and contractors are required to present identification to get an entry permission to the data center. The data centers only provide data center access and information to employees who have a legitimate business need for such privileges. All physical and electronic access to data centers are logged and audited routinely.
Kakao's security experts are here to help you.
Firewalls are utilized to restrict access to systems from external networks and between systems internally. By default all access is denied and only explicitly allowed ports and protocols are allowed based on business need. In addition, Kakao also has in place an intrusion detection system which analyzes and detects in real time abnormal and aggressive packets from external networks and between internal systems as well as an intrusion prevention process for quick response to DDoS attacks.
All data related to applications are automatically backed up on a daily basis in redundancy. In the rare case of database failure, we can continue to provide service using the system which is backed up in real time, and also recover the system to the last snapshot in the event of data loss.
Response to Security Incidents
We have classified possible incidents by type and established a systematic incident handling process for response, analysis and recovery. A response system is in place to deal with security incidents quickly, and security drills are conducted on a regular basis. In addition, we have set up a security control center with professional security staff, monitoring anomalies and hacking threats 24 hours, 7 days a week.
System access is limited to Kakao staff related to a specific system, and requires username and key authentication. All systems are accessed through authentication, which protects the systems from various hacking attacks which may arise when a user logs in, and tracks access history. In addition, a direct access from an external network is not allowed.
When a feature is added or changed, we define security requirements including legal requirements and reflect them from the design phase. To prevent the misuse of customer data, development is carried out in a controlled environment which is separated from the service in operation. Once the implementation is completed, a review is done before the service launch to ensure that all security requirements have been incorporated properly, and technical vulnerabilities are removed through diagnostic mock-ups. Furthermore, constant monitoring and regular maintenance are performed to prevent applications from new vulnerabilities.
Agit constantly updates security and privacy policies.
Agit Premium Security Feature
Agit constantly strives to safely store and provide users' sensitive information including personal information. For Agit clients who need to respond more agile in terms of security, we are working on the Agit Premium model which will offer additional security features.
Agit Premium will include enhanced security features such as Single Sign On (SSO), two-factor auth (2FA), host restriction, access device registration and attachment watermarking. See More
Agit - A safe collaboration tool protected by Kakao's security experts
Would you like to start working together in Agit which will let you work freely in the company while providing absolute security against external threats?Agit Implementation Inquiry