Knorish deeply cares about your data security and privacy. Stringent measures have been put in place to protect them. While this is not a comprehensive list but it is meant to act as a quick guide of frequently asked questions about our security practices and protocols.
- End to End SSL for Secure Browsing
- Best in Class Infrastructure
- SDLC (Software Development Lifecycle)
- Payment Processing and Gateways
- Access Security
- Administrative Security Measures
- Proactive Tech Support
- Responsible Disclosure
End to End SSL for Secure Browsing
Knorish domains are fully SSL Secure. The data on your site built with Knorish is encrypted to ensure the security and confidentiality of the data. Any request without SSL/HTTPS is completely rejected. End-to-end SSL is one of the standard security architectures we follow at Knorish.
Here’s how the course creators can connect their custom domain with a free SSL certificate on Knorish Platform: How to connect a custom domain with a free SSL certificate?
Best in Class Infrastructure
Knorish runs on Amazon Web Service (AWS) and Microsoft Azure infrastructures with best-in-class instrumentation tools powered to continuously monitor any potential security breach. Amazon GuardDuty helps us continuously monitor malicious activity and unauthorized behavior.
In addition, AWS VPN ensures that the service scales up or down based on user demand in a highly secure and private network. While AWS WAF firewall helps us protect applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources.
SDLC (Software Development Lifecycle)
Regular practicing of SDLC at Knorish effectively gives a defined view of the entire system, resources, timeline, and goals to the Techies to ensure the reliability and quality of the final product. Knorish Tech Team has enhanced control over large or complex projects that involve comprehensive and explicit steps.
All committed code changes are reviewed by an individual that is different than the developer and are tested multiple times, prior to production. Data security is highly ensured through limited accessibility and subject to standard security protocols.
Payment Processing and Gateways
Knorish does not process any payment directly but uses external payment processors having 100% PCI DSS compliant & certified such as Razorpay, CCAvenue, and Paypal.
Knorish takes the following sets of actions to ensure that the parties authorized to use a data processing system only have access to the data for which they have been specifically cleared. In no circumstance, they are able to cross store data or read, copy, change or remove any information.
- Authorization for Knorish services and internal applications is enforced at all times and all levels
- Access rights are granted or processed subject to the personnel member’s job responsibilities.
- Only trained and specifically authorized personnel members to get through the data. This special access is revoked in the event of an individual’s dismissal or termination of employment.
- All members of the team with access to production systems may access production solely through a securely authenticated session
- Knorish uses a centralized logging system. All the logs are protected from any modification or deletion.
Administrative Security Measures
Strict policies have been put in place to address and limit access to our systems at Knorish. For certain data access tools, tool owners authorize the nature and extent of access privileges prior to granting access. All of the procedures for requesting and generating certificates to access data for development and production are well documented.
Knorish employees are required to complete security training as part of their onboarding.
Our Technology Team conducts company-wide security awareness activities to reinforce information security practices and policies on a regular basis. The team is equipped to act in the event of any emergency.
Proactive Tech Support
Any security report and reported incident are promptly attended to & seriously reviewed by our technology team and prioritized for necessary action. Our Customer Support and Tech Teams are thoroughly trained to report, review and respond immediately in view of any possible threat.
We do regularly monitor the application and try our best to ensure that in the case of any failure, we recover as quickly as possible. You may follow our monthly feature updates available at Knorish Blog. The link is here Knorish Updates
If you come across a vulnerability in the Knorish Platform, please alert us here at Customer Support. If you believe the security of your account has been compromised or are seeing suspicious activity in your account, immediately change the password immediately. Upon multiple incorrect attempts, the passwords are locked. They can be unlocked only by the user with access to their registered email.
Knorish takes proactive steps to stay ahead of emerging security threats and appreciates your cooperation in maintaining the security of its Platform.
For any specific questions or concerns related to security here’s how you can reach our Support Team at:
Contact Our Support Team
Phone: +916366449374 (Mon - Fri: 10 AM - 6 PM)
Raise Tickets: Click Here