FEATURE BRIEF
Kiteworks Comparison: On-premises vs. Hosted vs. FedRAMP
Consider the following when deciding where to deploy your Kiteworks instance. On-premises systems can provide customers with the most control, but also the most responsibility. Typical cloud systems have accessibility, cost, security, and scalability advantages, and Kiteworks Enterprise Hosting adds a higher level of security and control. Federally authorized Kiteworks FedRAMP maximizes security with a set of services and controls wrapped around a single-tenant hosted system.
Feature or Service Provided by Kiteworks | On-premises | Enterprise Hosted | FedRAMP Hosted |
---|---|---|---|
Accessibility and Control | |||
Private, single-tenant application instance | ✓ | ✓ | ✓ |
Complete customer control of and responsibility for content, with no accessibility by vendor or authorities | ✓ | ✓ | ✓ |
24/7 monitoring for system down conditions | Available* | ✓ | ✓ |
Reliability/availability SLA | ✓ | ✓ | |
Backup and restore | ✓ | ✓ | |
Enables IT staff remote work | ✓ | ✓ | |
Expense Structure | |||
Subscription application and OS: zero CapEx, predictable OpEx | ✓ | ✓ | ✓ |
Subscription infrastructure: zero CapEx, predictable OpEx | ✓ | ✓ | |
Infrastructure systems management, floorspace, racking, power, cooling, network, maintenance, and upgrades | ✓ | ✓ | |
Infrastructure Scale-out | |||
Elastic: no wait to purchase, rack, stack, and configure | ✓ | ✓ | |
General Security | |||
Hardened virtual appliance with internal firewall, WAF, IDS, bounty program, and pen testing | ✓ | ✓ | ✓ |
Least privilege default access permissions and policy settings | ✓ | ✓ | ✓ |
FIPS 140-2 Validated encryption | Available | Available | ✓ |
Patching of application, OS, and other system components | Available* | Available* | Available* |
Anonymous location that deters hackers | ✓ | ✓ | |
Physical access controls | ✓ | ✓ | |
Perimeter network security including firewall, WAF, IDS, security monitoring, and security operations | ✓ | ✓ | |
FedRAMP Security: Authorization and monitoring by accredited 3rd Party Assessment Organization (3PAO), consisting of: | |||
Screened, U.S.-based support and service personnel | ✓ | ||
Penetration tests from the internet and corporate intranet | ✓ | ||
Review and validation of 325 security controls for NIST 800-53:
| ✓ | ||
Monthly reports on incidents and configuration changes | ✓ | ||
Annual assessments (repeated audits and tests) | ✓ |
*Included in Kiteworks Premium Support offering