Platform & Security

EKNOW M&A Tools SaaS

EKNOW provides the M&A Tools platform as software-as-a-service (SaaS). This means that all hosting, management, and system administration of your M&A Tools are the full responsibility of EKNOW.

This means that client IT support burdens are essentially nil. In most cases IT involvement consists only of a one-time coordination for single sign on (SSO), if applicable; and white-listing of M&A Tools.

EKNOW can have your new system deployed and ready to use in hours, not days. No app download is required, and your individual users need only a modern web browser such as Chrome or Edge.

Importantly, unlike most SaaS providers, EKNOW does not use a "multi-tenant" model. EKNOW's "single tenant" model means that no two EKNOW clients are hosted on the same server or server software stack (operating system, application, database, web server, file system, etc.). See "Dedicated Servers" for details.

Dedicated Servers

For maximum privacy and security, EKNOW does not use a “multi-tenant” hosting model: Every EKNOW M&A Tools software customer has an individual, 100% dedicated server and software stack.

This means that no other EKNOW customer or partner ever shares the database server, middleware, application server, or web server of any other EKNOW customer.

While this is more work for EKNOW, the benefits to EKNOW clients are worth it: For example, heavy usage by other EKNOW clients will never affect your M&A Tools performance. In the unlikely event that one client system is ever compromised, disabled, or goes down, no other client system can be directly affected. And of course, there is not even the theoretical possibility of one EKNOW client's data being inadvertently accessed by another in the same system.

Business Continuity

Since client data in M&A Tools is extremely valuable, EKNOW strictly follows industry best practices for reliability, back-up, and disaster recovery.

EKNOW employs multiple, redundant data centers. Each EKNOW data center location provides redundant hardware, power, and connectivity. Because EKNOW deploys each client on a dedicated, single-tenant system, in the unlikely event of a failure of any one client system, this has no effect on any other EKNOW client.

Of course, client data is automatically backed multiple times each day. Back-ups of your system are maintained both locally for rapid recovery, as well as off-site, in a geographically remote location, for reliable disaster recovery. Back-ups are fully encrypted, and tested routinely for recovery.

EKNOW does not employ tape or spinning disk for back-up. All M&A Tools client back-ups (even off-site back-up) are maintained 24×7 on fast solid-state storage. Should disaster strike, EKNOW’s approach can get clients back on line with the minimum possible delay.

For EU clients, and non-EU clients who direct EKNOW to host their systems in the EU, the client M&A Tools system and its remote back-up location are in separate countries within the EU.

Information Security

EKNOW has been securing customer data for nearly 25 years.
Currently, EKNOW customers enjoy:

• Separate development, test, staging, and production environments
• Intrusion detection& logging
• File integrity monitoring
• Brute-force attack protection
• SIEM, EDR endpoint agents
• SSAE 16 SOC 2 Type 2 audited facilities (in US)
• ISO/IEC 27001:2013 certified facilities (in EU)
• Hardened OS
• Encryption of data at rest
• Encryption of data in motion
• Encryption of all back-ups
• 256-bit TLS v1.3 strong encryption
• 4096-bit RSA key encryption (for data at rest)
• Daily/same-day security patches
• Industry-standard practices for port lock-down and intrusion detection
• Server-side virus scanning of all file uploads
• Client SSO / IAM
• 2-factor authentication
• Strong password policies
• Custom client password policy
• Routine vulnerability scans
• Periodic penetration testing by independent / third parties
• Dedicated / fully segregated server stack per client

Please contact EKNOW for updated or additional security policy details under NDA.

Data Privacy and Data Protection

Of course, all EKNOW M&A Tools Client data is and remains strictly private. All Client data is owned exclusively by the Client, may only be used as explicitly intended for the Client's business purpose, and may not be used for any other EKNOW or third-party business purposes whatsoever. Client data may not be shared with any third party unless specifically instructed by you.

EKNOW collects no personal data regarding users, and any user data necessarily entered for the Client's business purposes (such as name, email address) is protected on a need-to-know basis, based on the Client's own business roles and rules. This need-to-know requirement applies to both the Client's own employee users, and to the Client's EKNOW support staff.

Your EKNOW agreement incorporates GDPR Standard Contractual Clauses by reference. EKNOW acts solely as a Data Processor, while you, the EKNOW Client, act as the Data Controller. EU Client systems are hosted and backed up entirely within and between EU data centers, and Client systems are never transferred to US or non-EU locations.

Application Access Control

EKNOW further secures client data via the proprietary EKNOW Access Control Framework (ACF). EKNOW ACF is designed from the ground up specifically for the M&A business context: M&A organizations, groups, user roles, business processes, sensitive M&A data types, and more.

EKNOW ACF provides fine-grained role- and context-specific control without administrative complexity, automatically. ACF is what enables EKNOW clients to safely link their M&A Tools to every possible contributor, whether inside or outside of their organization.

EKNOW ACF is a critical component of your overall M&A data protection. Developed, refined and extended for 25 years, ACF is absolutely unique to EKNOW. Contact EKNOW for additional details.

Threat & Vulnerability Management

As threats evolve, so does EKNOW. At the time of writing EKNOW's practices include:

• Periodic external penetration testing by professional, independent 3rd parties
• Client option for additional, custom, or client-directed penetration testing
• Penetration test results available on request
• Daily vulnerability scans
• Programmatic anti-malware functions
• Scanning of all file uploads
• Daily re-scanning in-situ, with updated profiles, of all previously uploaded files
• Daily/same-day security patches
• Programmatic application of published updates and patches to all systems
• Industry-standard practices for port lock-down and intrusion detection
• Please contact EKNOW for updated or additional security policy details under NDA.

Server Stack

EKNOW relies on time-tested open source and industry standard server software.  

• Linux
• JAVA
• Apache / NGINX
• Tomcat
• Lucene
• EKNOW Application run-time
• JAVA embedded EKNOW DB

Each client system runs on a fully dedicated server stack: In other words, no database or other server software is shared across EKNOW clients.

EKNOW system administrators keep client systems continually up to date with system updates and security patches as they become available.

(Additional details provided under NDA.)

Data Centers

M&A Tools servers are hosted in professionally managed EKNOW data centers in North America, continental Europe, the United Kingdom, SE Asia, and Japan. All data centers provide full physical security, redundant connectivity, fire protection, and power conditioning.

European client systems are hosted and backed-up entirely in Europe. Client systems hosted in one EU country have remote disaster recovery back-up to locations in different country within Europe. Non-European customers may also elect to host and back up in our European data centers.

Only ISO 27001 Certified data centers are used in Europe, UK, and Asia. Only SOC2-audited data centers are used in the USA. ISO certificates available on request. SOC2 audit reports available under NDA.

North America
• Atlanta, GA
• Newark, NJ

Europe & UK
• Frankfurt, Germany
• London, England
• Amsterdam, The Netherlands

Asia Pacific
• Tokyo, Japan
• Singapore, Republic of Singapore

Kingdom of Saudi Arabia
• Riyadh, KSA