Data Authentication and Encryption
We encrypt data in transit via HTTPS using the SHA-256 encryption standard, with private keys stored in a remote network location. TLS1.2 is also supported. We also support FIPS-compliant SSL using NSS as the cryptography provider.
Knoa UEM for cloud stores customer data in single-tenant databases, which are logically isolated, on the IBM Cloud infrastructure. Only authorized database administrators have access to the raw data, following strict security protocols.
Rigorous Security Testing
Knoa performs infrastructure and application penetration testing periodically. The Knoa UEM platform also goes through the SAP Premium Qualification process for third-party vendor solutions, which is conducted with every major product release.
To learn more, see Knoa UEM Product Security.
Access to Data
Knoa does not own collected data. Customer data can only be accessed by authorized personnel via tools that require authentication. Data processed by Knoa UEM can be viewed through Knoa’s reporting and management applications. Knoa manages access to all resources and data through the principle of least privilege (PoLP) and has controls for governing access.
For more information, see Knoa Cloud Security.
The Knoa UEM platform is designed with the ultimate security in mind, from coding to deployment. Knoa stores all customer data and services on the IBM Cloud infrastructure.
- Knoa UEM for Cloud servers are hosted in IBM Cloud data centers, across multiple availability zones/regions.
- IBM Cloud’s physical infrastructure has been accredited with multiple global, US Federal Government, Industry, and Regional certifications, including ISO 27001, SOC 1/SOC 2/SOC3, FedRamp, FISMA, PCI, SEC Rule 17a-4(f), EU Model Clauses, and others. For a complete list, see IBM Cloud Compliance.
Data Recovery and Retention
Data collected is presented to report users through the Knoa reporting application. Report users can retrieve granular data through the reporting functions or via RESTful APIs. Data is retained based on established contracts between Knoa and Customers. Knoa has standardized processes to deliver or remove data based on established contracts.
Knoa UEM only captures information related to how a user is using a specific set of applications, not what data they process through these applications. As such, Knoa does not collect: passwords, credit card numbers, content of business records, keystrokes, etc. Knoa UEM does not capture any data that falls under the classification of “sensitive personal data”.
To learn more, see Knoa Data and Data Privacy.
User Identity Obfuscation
Knoa UEM provides customers the ability to obfuscate user identifiers for reporting, to preserve the anonymity of monitored users. This is a built-in configuration option that is exercised by customer system administrators.
Knoa UEM enables customers to be fully compliant with GDPR requirements, for both its on-premise and hosted versions.
To learn more, see Knoa Compliance with GDPR.