FEATURE BRIEF
Kiteworks Comparison: On-premises vs. Hosted vs. FedRAMP
Consider the following when deciding where to deploy your Kiteworks instance. On-premises systems can provide customers with the most control, but also the most responsibility. Typical cloud systems have accessibility, cost, security, and scalability advantages, and Kiteworks Enterprise Hosting adds a higher level of security and control. Federally authorized Kiteworks FedRAMP maximizes security with a set of services and controls wrapped around a single-tenant hosted system.
| Feature or Service Provided by Kiteworks | On-premises | Enterprise Hosted | FedRAMP Hosted |
|---|---|---|---|
| Accessibility and Control | |||
| Private, single-tenant application instance | ✓ | ✓ | ✓ |
| Complete customer control of and responsibility for content, with no accessibility by vendor or authorities | ✓ | ✓ | ✓ |
| 24/7 monitoring for system down conditions | Available* | ✓ | ✓ |
| Reliability/availability SLA | ✓ | ✓ | |
| Backup and restore | ✓ | ✓ | |
| Enables IT staff remote work | ✓ | ✓ | |
| Expense Structure | |||
| Subscription application and OS: zero CapEx, predictable OpEx | ✓ | ✓ | ✓ |
| Subscription infrastructure: zero CapEx, predictable OpEx | ✓ | ✓ | |
| Infrastructure systems management, floorspace, racking, power, cooling, network, maintenance, and upgrades | ✓ | ✓ | |
| Infrastructure Scale-out | |||
| Elastic: no wait to purchase, rack, stack, and configure | ✓ | ✓ | |
| General Security | |||
| Hardened virtual appliance with internal firewall, WAF, IDS, bounty program, and pen testing | ✓ | ✓ | ✓ |
| Least privilege default access permissions and policy settings | ✓ | ✓ | ✓ |
| FIPS 140-2 Validated encryption | Available | Available | ✓ |
| Patching of application, OS, and other system components | Available* | Available* | Available* |
| Anonymous location that deters hackers | ✓ | ✓ | |
| Physical access controls | ✓ | ✓ | |
| Perimeter network security including firewall, WAF, IDS, security monitoring, and security operations | ✓ | ✓ | |
| FedRAMP Security: Authorization and monitoring by accredited 3rd Party Assessment Organization (3PAO), consisting of: | |||
| Screened, U.S.-based support and service personnel | ✓ | ||
| Penetration tests from the internet and corporate intranet | ✓ | ||
Review and validation of 325 security controls for NIST 800-53:
| ✓ | ||
| Monthly reports on incidents and configuration changes | ✓ | ||
| Annual assessments (repeated audits and tests) | ✓ | ||
*Included in Kiteworks Premium Support offering