Security Standards

Updated  February 19, 2021

Security Standards of Keytrack

Are for protecting the biggest investment of most peoples lives.

Keytrack® at its core was designed with security in mind. The architecture is based on best practice development principles separating file and associated meta data, and keeping environment data separate and encrypted in transit and at rest.

Keytrack divides its systems into separate environments to better protect sensitive data. Systems supporting testing and development activities are hosted in a separate environment from systems supporting our production infrastructure. All servers within our production fleet are hardened (e.g. disabling unnecessary ports, removing default passwords, etc.) and have a base configuration image applied to ensure consistency across the environment.

Network access to our production environment from open, public networks (the Internet) is restricted, with only the required production servers accessible from the Internet. Only those network protocols essential for delivery of Keytrack’s service to its users are open at our perimeter.

Keytrack is deployed on cloud infrastructure. We utilise data centres which are at the forefront of technology, using innovative architectural and engineering approaches, and the latest in cloud technologies and infrastructure design.

Physical access is strictly controlled both on the perimeter and the construction of entry points by professional security staff using video surveillance, intrusion detection systems, biometric analysis, and other electronic means.

Our in-transit encryption ensures that messaging, data, and file transfers are all secured while in transit to the latest global standards with similar technology as used in many banking platforms. All http calls are encrypted with SSL at transport layer, and API data is also encrypted at message layer by using our inbuilt MLS encryption of API payload.

Keytrack supports the latest recommended secure cipher suites to encrypt all traffic in transit, including use of TLS 1.2 protocols at a minimum, AES256 encryption, and one way SHA2 hashing where possible.

Keytrack stores the documents that you request in our cloud infrastructure facilities. The original files and the customer data are split, isolated and placed in different locations and accessed using only secure keys. Access to these files is only via authenticated calls through the Keytrack file proxy.

We leverage best practice programming techniques applicable to the software industry wherever possible. All our products and solutions follow a quality assurance path through our software development lifecycle.

To minimize the risk of data exposure, Keytrack adheres to the principles of least privilege and role-based permissions when providing access. Staff are authorized to access only the data that they reasonably must handle in order to carry out their roles. All production access is reviewed at least quarterly.

To further reduce the risk of unauthorized access to data, Keytrack requires complex passwords for all access to systems with highly classified data, including our production environment, which houses our customer data.

We target 99.9% online accessibility for customers on our enterprise cloud plans.

All information submitted to Keytrack is deemed as private and treated as such with the same measures and standards of security whether it was public or non-public.

Keytrack is governed by the principles of the New Zealand Privacy Act 1993 and robust procedures set out in its Privacy Policy.

Private information will never be voluntarily disclosed to 3rd parties unless required to do so by law, or as outlined under our Terms of Service and Privacy Policy. These Policies can be found at



Our hosting providers are responsible for ensuring removal of data from disks is performed in a responsible manner before they are repurposed.

Keytrack outsources some of its services. Where those organizations may impact the security of Keytrack’s production environment, we take appropriate steps to ensure our security posture is maintained.

We do this by ensuring service organizations selected protect customer confidentiality through established and maintained certifications against one or more international standard such as SOC Type II, ISO 27001, and PCI as a minimum.

Keytrack has established policies and procedures for responding to potential security incidents.

Every organisation deserves and expects their data to be secure and confidential. Safeguarding this data is a fundamental responsibility, and we continue to work hard to maintain your trust.

Please contact Keytrack if you have any questions or concerns: [email protected]

Try Keytrack for your team

30-day all access free trial * | No credit card required

Get Started