Platform & Security
The M&A Tools platform is delivered as software-as-a-service (SaaS). Each client system runs on a dedicated server. All hosting, management, and administration of the system is the responsibility of EKNOW. Clients have no IT responsibilities for their M&A Tools server other than “white-listing” and, optionally, allowing for single sign on (SSO).
Individual client users need only a modern web browser. New clients can be ready to use their new M&A Tools in hours.
For maximum privacy and security, EKNOW does not use a “multi-tenant” hosting model: Every EKNOW M&A Tools software customer has an individual, 100% dedicated server and software stack.
This means that no other EKNOW customer or partner ever shares the database server, middleware, application server, or web server of any other EKNOW customer.
M&A Tools servers are hosted in eight EKNOW data centers in North America, continental Europe, the United Kingdom, SE Asia, and Japan.
European client systems are hosted and backed-up entirely in Europe. Non-European customers may also elect to host and back up in our European data centers.
Reliability & Redundancy
EKNOW understands that your data in M&A Tools is extremely valuable. EKNOW maintains multiple, redundant facilities and servers. Client data is automatically backed multiple times each day. Back-ups of your system are maintained both locally for rapid recovery, as well as off-site, for reliable disaster recovery.
EKNOW does not employ tape or spinning disk for back-up. All M&A Tools client back-ups (even off-site back-up) are maintained 24×7 on fast solid-state storage. Should disaster strike, EKNOW’s approach can get clients back on line with the minimum possible delay.
EKNOW has been hosting and securing customer data for almost 20 years. Currently, EKNOW customers enjoy:
- SSAE 16 SOC 2 Type 2 audited facilities (in US)
- ISO/IEC 27001:2013 certified facilities (in EU)
- 256-bit TLS 1.2 strong encryption
- Encryption of the entire file system
- Encryption of all back-ups
- Daily/same-day security patches
- Industry-standard practices for port lock-down and intrusion detection
- Server-side virus scanning of all file uploads
- Client option of 2-factor authentication
- Strong minimum password policies
- Optionally, custom client IT password policy
- Routine vulnerability scans
- Periodic penetration testing by independent / third parties
- Dedicated / fully segregated server stack per client
Please contact EKNOW for additional security policy details under NDA.
Application Access Control
EKNOW further secures client data via the proprietary EKNOW Access Control Framework (ACF). EKNOW ACF is designed from the ground up specifically for the M&A business context: M&A organizations, groups, user roles, business processes, sensitive M&A data types, and more.
EKNOW ACF provides fine-grained role- and context-specific control without administrative complexity, automatically. ACF is what enables EKNOW clients to safely link their M&A Tools to every possible contributor, whether inside or outside of their organization.
EKNOW ACF is a critical component of your overall M&A data protection. Developed, refined and extended for 20 years, ACF is absolutely unique to EKNOW. Contact EKNOW for additional details.
EKNOW relies on time-tested open source and industry standard server software. Each client system runs on a fully dedicated server stack; i.e., no database or other server software is shared between EKNOW clients. EKNOW system administrators keep client systems up to date with system updates and security patches as they become available.
- Oracle Embedded OS DB
- EKNOW Application
For security reasons, additional details are provided under NDA.