We are proud to announce that Knoq has been acquired by Ad Practitioners, a digital media platform that syndicates highly relevant content, tools, and news to reach in-market audiences. We are joining an exceptional portfolio of brands including Money.com and ConsumersAdvocate.org.

We will be continuing our mission of neighbors helping neighbors by combining our technology and data with Ad Practitioner’s product and content to further educate and match consumers with the products and services best for them.

Due to this exciting partnership, we will no longer be supporting our door knocking product or direct data sales.

If you are a partner who is interested in learning more and working with Knoq and Ad Practitioners, we'd love to talk to you.

We are thrilled to share that we are growing our team in beautiful Puerto Rico. We have new roles in engineering, data science and many more. If you are on the search for your next opportunity, we'd love to hear from you!

Thank you to all our partners and friends for your years of support. Because of you, we proved that when we listen to each other and treat everyone like our neighbors, we build the world we want to live in.


Security

Knoq recognizes that your personal and corporate data is very sensitive. We combine enterprise-grade security features with comprehensive audits of our applications, systems, and networks to ensure customer data is protected.

Data Center and Network Security

  • Knoq hosts all its software in Amazon Web Services (AWS) facilities in the USA. Amazon provides an extensive list of compliance and regulatory assurances, including SOC 13, and ISO 27001. See Amazon’s compliance and security documents for more detailed information.
  • All of Knoq servers are located within Knoq’s own virtual private cloud (VPC), protected by restricted security groups allowing only the minimal required communication to and between the servers.
  • Knoq conducts network vulnerability scans at least annually. The last one was started on January 30, 2020.

Data Security

  • Knoq regularly conducts internal audits to ensure continuous compliance with industry-standard best practices.
  • All connections to Knoq are encrypted using SSL, and any attempt to connect over HTTP is redirected to HTTPS. We maintain an A+ grade for Qualys/SSL Labs.
  • System passwords are encrypted using AWS KMS with restricted access to specific production systems.
  • We use industry-standard PostgreSQL, Elastic Search and Mongo DB data storage systems hosted at AWS and/or by the respective vendors.
  • Data access and authorizations are provided on a need-to-know basis and based on the principle of least privilege. Access to the AWS production system is restricted to authorized personnel and is carried out over a dedicated VPN connection.

Application Security

  • Web application architecture and implementation follow OWASP guidelines.
  • Knoq conducts application penetration testing.
  • User passwords are salted, irreversibly hashed, and stored in Knoq’s database. Audit logging lets administrators see when users last logged in and when passwords were last changed.

Application Monitoring

  • All-access to Knoq applications is logged and audited.
  • Knoq maintains a formal incident response plan for major events.

Uptime

Knoq maintains a publicly available system-status webpage which includes system availability details.

Security Policies and Secure Development Life Cycle (SDLC)

  • Knoq maintains security policies that are communicated and approved by management to ensure everyone clearly knows their security responsibilities.
  • Code development is done through a documented SDLC process. Design of all new product functionality is reviewed by its security team. Knoq conducts mandatory code reviews for code changes and periodic in-depth security review of architecture and sensitive code. Knoq development and testing environments are separate from its production environment.
  • Employee hiring process includes background screening.
  • At least annually, engineers participate in secure code training covering OWASP Top 10 security flaws, common attack vectors, and Knoq security controls.
  • Vulnerability Disclosure Process – Knoq considers privacy and security to be core functions of our platform. Earning and keeping the trust of our customers is our top priority, so we hold ourselves to the highest privacy and security standards. If you have discovered a security or privacy issue that you believe we should know about, we would love to hear from you. Please reach out to us at security@knoq.com and let us know.

Data Sharing

  • Knoq never shares individual data points that are uploaded or created through the platform between customers. 
  • Knoq uses analytics data to improve the products and services that are provided to our customers. 
  • Analytics data will be used for modeling and identifying correlations in customer data sets. Those correlations can be shared with customers.

 

Correlation and dependence: In statistics, dependence or association is any statistical relationship, whether causal or not, between two random variables or bivariate data. In the broadest sense correlation is any statistical association, though it commonly refers to the degree to which a pair of variables are linearly related.