Security and Compliance

KnowledgeLake ensures the security of your data by keeping continuous compliance with industry standard best practices

Your data security comes first

We understand that the safety and security of your data is of paramount importance. We combine comprehensive audits of our application, internal systems and networks to ensure our customer’s data is protected.

Data Center and Network Security

We host all our software in Microsoft Azure U.S. datacenters.

Microsoft provides an extensive list of compliance and regulatory assurances, including SOC 1-3, and ISO 27001. See Microsoft’s compliance and security documents for more detailed information.

KnowledgeLake conducts third-party network vulnerability scans at least annually.

Data Security

All connections to KnowledgeLake are encrypted.

We use SSL/TLS to encrypt all of our connections, and any attempt to connect over HTTP are immediately redirected to HTTPS. We maintain an A+ grade from Qualys / SSL Labs.

All customer data is stored within separate PaaS databases.

This approach provides our customers with all the benefits of multi-tenant SaaS, but with the safeguards and isolation of single-tenant enterprise SaaS. All network traffic is isolated to a dedicated virtual network, to further insulate customer information.

All customer data is encrypted in transit and at rest.

System passwords are encrypted using Azure Key Vault with restricted access to specific production systems.

Data access and authorizations are provided on a need-to-know basis.

And data access and authorizations are based on the principle of least privilege. Access to the Azure production tenants are restricted to authorized personnel and is carried out using VPN with multi-factor Active Directory authentication.

Our customers may configure a data retention duration

Plus all customer data is purged from KnowledgeLake systems subsequent to contract expiration.

Application Security

We conduct penetration testing by a third party at least annually in addition to our in-house product testing.

KnowledgeLake logins require strong passwords.

User passwords are salted, hashed and stored in an isolated tenant specific database.

KnowledgeLake can connect to 3rd party identity management platforms such as Azure Active Directory.

Application Monitoring

All KnowledgeLake audit information is stored within an isolated and encrypted customer database.

This data is surfaced within the Monitor and Configuration Apps. The audit contains a historical record of all operations and events that took place within the environment. KnowledgeLake does not have access to this data unless explicitly shared with us by the customer.

KnowledgeLake maintains a formal incident response plan for major events.

Security Policies & Software Development Life Cycle

We maintain clear internal security policies.

Our security policies are maintained, communicated and approved by management to ensure that everyone clearly knows their security responsibilities.

KnowledgeLake policies are audited annually as part of our SOC2 certification.

KnowledgeLake follows a well-defined Software Development Life Cycle (SDLC).

Our product engineering teams follow an agile (Kanban) development process with software updates being pushed every 8-12 weeks.

  • Every changeset follows a peer review process and checklist to identify potential security vulnerabilities. Any code sections that deal specifically with security receive a detailed review from the Chief Architect.
  • KnowledgeLake executes static code analysis regularly to ensure that we are not using any 3rd party dependencies that contain known vulnerabilities.
  • Prior to general availability (GA) for major software updates, KnowledgeLake engages with a 3rd party security consulting company to test for security vulnerabilities.

KnowledgeLake engineers participate in secure code training.

At least annually, our engineers participate in secure code training covering OWASP Top 10 security vulnerabilities and common attack vectors.

What can you do with the KnowledgeLake Platform?

tin

Solve your organizations most important content challenges with the opportunity to try the KnowledgeLake platform for yourself. Some of the tech you'll get to try:

  • Automatic classification and tagging of documents with our machine learning technology
  • Connect and integrate your systems with our robotic process automation
  • The ability to search for your documents based on data, all from one system
  • Indexing data and uploading documents right from the Microsoft Outlook and Office applications you use every day
tin

Solve your organizations most important content challenges with the opportunity to try the KnowledgeLake platform for yourself. Some of the tech you'll get to try:

  • Automatic classification and tagging of documents with our machine learning technology
  • Connect and integrate your systems with our robotic process automation
  • The ability to search for your documents based on data, all from one system
  • Indexing data and uploading documents right from the Microsoft Outlook and Office applications you use everyday

Want to try it for yourself?

Discover more about the platform

EXPLORE THE PLATFORM

The only cloud-native platform for capturing, processing and managing your most critical business content.

ROBOTIC PROCESS AUTOMATION

Let the bots empower users to do what you hired them to do.

INTELLIGENT CAPTURE

Machine learning–powered automated document classification and data capture in the cloud.

GET IN TOUCH

Ready to discuss your content management challenges?