Kubecost Data Privacy & Security

Effective September 28, 2021

Data Privacy

Our software products do not share data to our externally managed services, so we do not have access to customer or sensitive user data. However, any company information that is shared should only be accessed for immediate use in your job description. Any abuse will be grounds for termination.

Approved Devices

Devices running MacOS, Ubuntu distributions of Linux, and Windows are permitted to access company systems. These devices should be running the latest version or immediately preceding version of their respective operating systems. Devices must lock themselves with a password or PIN if idle for five minutes. Individuals will immediately notify team@kubecost.com in the event that a device containing company data is lost or stolen.

Workstation Full Disk Encryption

All devices used to access company systems will have full disk encryption enabled.

Password Policy

You need a secure password on all company systems and devices as per this password policy. These credentials must be unique and must not be used on other external systems or services. Passwords must be a minimum length of eight (8) characters on all systems. They must also pass these requirements:

  1. Not be a dictionary word or proper name
  2. Not be the same as the User ID
  3. Not be transmitted in the clear or plaintext
  4. Not be displayed when entered

2-factor authentication is required on all critical systems, including email, source control, and billing systems.

How Do We Use Your Information?

We and/or our third-party marketing service providers may use the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt-out of emails at any time by clicking on the unsubscribe link in the emails that we send, editing the preferences in your account, or by contacting us at data-protection@kubecost.com. You will then be removed from our marketing email list — however, we will still need to send you service-related emails that are necessary for the administration and use of your account.

We work with third-party service providers to support us in customer management and marketing campaigns.

These service providers include:
Service provider privacy policies: