Use role-based security to set access on both the creation of an application and its usage. Set up security around who can create or modify components of a K2 application, like workflows, forms or SmartObjects, as well as handle access to application tasks and data.

Using K2’s native audit capabilities, you can keep track of application usage as well as track specific decisions made as part of a process.

Get visibility across all your applications and administer the platform from a central location.

Microsoft Azure Active Directory is the sole provider of identity within K2 Cloud and offers you various identity security capabilities. Learn more about identity in K2 Cloud here.

Customer data is never co-mingled with another tenant and is encrypted, both in transit via TLS/SSL and at rest using Transparent Data Encryption (TDE) capabilities.

External line-of-business (LOB) data surfaced within a K2 application is never copied or duplicated within K2 so your data stays secure and is always up-to-date.

K2 Cloud is architected to provide a highly-available, cloud-based environment with built-in disaster recovery capabilities. Anti-virus protection and automatic security patching helps protect your environment from unwanted attacks and downtime.

All K2 Cloud traffic is protected and secure from the public internet and never leaves the private network – even globally – until it is transmitted to your browser.

K2 Cloud is certified for ISO 27001, SOC2 Type II and G-Cloud. For more information about these certifications, please see the K2 Certifications and Compliance page.

OWASP 10 building standard.

Penetration testing by an independent agency.