Security in Knowly

This article describes how Knowly work with security.

How does Knowly work?

To continuously develop high-quality services towards the training industry, we use Heroku’s platform to manage our IT environment. Knowly is built on a PostgreSQL database which is held by Heroku. This design enables us to offer an encrypted database which can scale fast and when necessary. Log management is managed by Papertrail, which enables us to manage all our logs at one location. Also, this service is powered by Heroku. Regarding backups, Herokus Postgres service gives us the opportunity to recant code and earlier database permissions. To read more about Herokus´ services, visit this website: https://www.heroku.com/  

How is the traffic encrypted to Knowly?

The Traffic between the users´ web reader and our servers is encrypted according to industry standards SSL, which is characterized by “https” is visualized in green colour at the beginning of the URL. SSL ensures that the interaction with Knowly is not possible to listen in to or to “sniff” passwords through unsecured WIFI networks.

How do you manage passwords?

We manage passwords according to industry standards. We are always proactive in quickly updating our technology-stack as soon as it enables us – especially when the update concerns security.

On whose server is Knowly running?

The operation of our servers is Heroku responsible. They are owned by Salesforce and are a very reliable supplier. They contribute with high security, easy access and fast upscale when necessary. The servers are AWS (Amazon Web servers) and are located in Ireland.

How does the end-user get access to Knowly?

The micro training in Knowly is distributed through unique links in either email or sms; here, we use SendGrid as an email distributor and ClickSend for sms. In a unique link is the login information for the user receiving the link. The user has thus identified himself by accessing his email or SMS inbox. In addition, users can choose to set a password themselves if, for example, they want to save Knowly as a bookmark to be able to access the service even without a unique link. The material you create can thus only be accessed by the users you have chosen to invite.

How does the administrator get access to Knowly?

Administrators, for their part, must set a password. To create a new administrator, an existing administrator must send an invitation with a unique link. The unique link is then active until the recipient has registered a user. We do not currently use two-factor login for administrators.