We occasionally receive security questions from companies wanting to use KnowledgeOwl. In general, we do not want to publicly expose too much information about our security practices and infrastructure because that information would help the very people we are trying to protect ourselves against. However, since security is important to many people, we've compiled a list of commonly asked questions.
If you are a security researcher or have found a vulnerability, please consult our Vulnerability Disclosure Policy.
Data Center Security
- We are hosted on Amazon Web Services (AWS). Our primary data center is in US East Region 1 (N. Virginia), and we maintain daily backups in US West (Oregon).
- Our data center is monitored by closed circuit television and a 24x7x365 data center operations team who guard the facility while secure access control and biometric systems provide further layers of security.
- A Network Operations Center (NOC) staff monitors the data center's network 24x7x365, while their network engineers and hosting datacenter personnel are available at any time in the event of an emergency.
- Our data center has regulated climate control and does not rely on a power grid to ensure that power is never interrupted.
Data Protection
- We are GDPR compliant and Privacy Shield certified.
- Your data is yours, period. We will never sell it nor share it with third-party marketers.
- Your contact information will never be shared with or sold to a third-party.
- It is not possible for your application data to be retrieved by anyone other than authorized representatives of KnowledgeOwl.
- If for some reason KnowledgeOwl has to close its doors tomorrow, the software would be made open source for you to continue using.
- If you want to leave KnowledgeOwl, you can always take your data with you.
Data Retention
- We do not save customer data that we do not need.
- We review and delete data from KnowledgeOwl once it is no longer need.
- We delete backups of customer data on a rolling basis to ensure that unnecessary data does not remain in our possession.
Uptime and Reliability
- We strive to maintain at least a 99.5% uptime. We guarantee a 99.5% uptime for Business customers and a 99.9% uptime for Enterprise plan.
- We have emergency and disaster recovery plans, and we test them annually.
- In case of a catastrophic event, operations can continue in an off-site location.
- 100% lifetime happiness guarantee. You want a refund, you got it.
Application Level Security
- All KnowledgeOwl account passwords are hashed, meaning even our own staff cannot view them. If you lose your password, it can only be reset, not retrieved.
- All knowledge bases can be forced to use TLS, and access can be restricted to SSO.
- All KnowledgeOwl application data is encrypted in transit and at rest.
- It is not possible for your application data to be retrieved by anyone other than authorized representatives of KnowledgeOwl.
Internal IT Security
- KnowledgeOwl utilizes an identity and access management tool to centralize and control access to all systems.
- Access to customer data requires VPN access and multi-factor authentication.
- Vulnerability scans are performed weekly along with continuous behavioral monitoring and intrusion detection.
- All systems have up-to-date virus and malware protection.
Internal Protocol and Education
- Background checks are performed on all new employees, with periodic background checks performed on all employees.
- System and data access is on a need-to-know basis. Representatives only have enough access to do their jobs.
- We continuously train all representatives on security, compliance, and privacy.
Support
- KnowledgeOwl offers a variety of support options, including a self-help knowledge base, email, and phone support for all accounts.
- Support is available by phone and email during normal business hours with continued monitoring of urgent requests outside of business hours.
- Support is provided by the same people who help design and develop the software, all of whom have training and experience in both customer support and development.
- Support is available free of charge to all accounts, no matter the plan level or status.
Development and Upgrades
- KnowledgeOwl practices customer-driven development, so customer feedback is paramount in the design and development of the software.
- We practice agile development, so we fix problems and build features as quickly as possible to ensure that the software is always improving.
- Fixes and upgrades are released multiple times a week, with major upgrades and features being released monthly.
- Upgrades occur automatically with no effort or disruption to customer accounts.
- KnowledgeOwl provides an open API to allow for quick and easy integrations with other products and existing systems.
We are happy to fill out more detailed security assessments when necessary. Since these forms can be time-consuming, we only offer them for free as part of our annual Enterprise subscriptions. We treat them as a paid professional service for other subscriptions, starting at $500/assessment.