Security
Introduction
At Knowi, our mission is to help people see and understand their data–no matter where that data is stored. To do that, you need to have confidence in the security of our platform. That’s why we believe in a culture where we are continually working to earn your trust. We do this by leveraging industry-standard security and best practices, and by keeping you well informed with quick responses to security issues when they arise.
We built Knowi from day one with security as a top priority. This page is all about how Knowi keeps your data and analytics safe and secure.
Built for data security from the ground up
Knowi’s data platform sits above your data sources and connects into them using native integrations and data virtualization. Knowi uses a number of secure connections to query your data warehouses and various data silos directly–keeping the interaction both simple and secure.
When you run analytics in Knowi, Knowi writes a query to access the data needed to answer your question, returns the result, and holds the answer in a (configurable) temporary cache layer.
Because Knowi provides a single point of access for your data, you can establish a robust business intelligence governance infrastructure. Everyone within your company can answer their own questions while keeping data sprawl to a minimum and access to sensitive information restricted.
Analyze your data securely where it lives
Ensure your data is safe and secure by limiting its movement.
With Knowi, queries are made directly against your data sources and not by moving or extracting data to files, proprietary databases, or desktops. This Knowi feature promotes data integrity while keeping data movement to a minimum and access to sensitive information restricted.
A fully configurable data virtualization caching layer offers the full processing power of your database and its security model—without long-term storage of data.
Industry-standard encryption & secure connections
Knowi uses AES 256-bit encryption to secure your database connection credentials and cached data stored at rest, plus TLS 1.2 to encrypt network traffic between user browsers and the Knowi cloud platform itself. You can also shore up access through a number of optional features including IP whitelisting, SSL, and SSH.
Authentication, access controls, and data governance
Knowi supports two-factor authentication and integrates with LDAP and SSO (supporting SAML and OpenID Connect).
Knowi supports:
- Role-based access control
- Auditing user activity
- Rollback capabilities
- Multi-tenancy
- Row level access
Our layered approach to data governance is of particular value to industries with specialized security requirements and companies with GDPR or other privacy considerations. We have many customers in highly regulated industries like healthcare and financial services.
Knowi Platform Compliance
Knowi maintains a comprehensive set of IT controls which are regularly audited by independent firms to ensure the company meets its compliance goals. Knowi has worked with a certified public accounting firm to perform an in-depth audit of the control objectives and activities for the Knowi Platform. The control procedures for the Knowi Platform have been verified in a SOC 2 Type II report prepared in accordance with the attestation standards established by the American Institute of Certified Public Accountants (AICPA) and in accordance with the International Standard on Assurance Engagements (ISAE).
Requesting A Report
Knowi’s SOC 2 report is made available upon request. If interested, please contact us at [email protected]
Vulnerability Reporting
Our security team cares deeply about the security of our products and the data that you entrust to us. We thoroughly investigate all reports of vulnerabilities. Once a vulnerability is fully investigated and its content addressed.
How to Report a Vulnerability
To ensure we can evaluate and respond to your vulnerability report as quickly as possible, please ensure it includes the following information:
- Impacted product, with version, build, and OS information if relevant
- Type of vulnerability
- Steps to reproduce
- Evidence supporting the report, e.g. screenshots, etc
Get in touch with us after compiling the above information at [email protected].
Report Evaluation Process
After reporting a vulnerability, you will receive a response from one of our engineers within one business day. All vulnerability reports will remain confidential within Knowi and will only be shared internally with those who need to know in order to reproduce and fix the issue.
We ask for your patience while we investigate the report and will keep you updated as frequently as there are updates to share. After the report has been evaluated and a fix has been developed. For the security of our customers and their information, we ask that you not release information about the vulnerability until we’ve had an opportunity to address the issue.
Testing Guidelines
Vulnerability scans and bug hunting should be done on our staging environment: https://staging.knowi.com:9443/.
Notifications
All security-related notifications will be announced to our customers via our product updates email release after the vulnerability has been patched/corrected.
Questions
For any questions on the policy or for further help, please write to us at [email protected].
Note: Knowi reserves the right to update the policy at any time.