Two mixed race businesspeople working on a digital tablet in a meeting together at work. Business professionals using technology in an office. Businessman pointing to a digital tablet screen while sitting with his female colleague. Data security.

In SinglePoint knowledge management systems, network and data security is paramount

When Northern Light recently announced its EU-U.S. Data Privacy Framework certification, it was just the latest example of the company’s decades-long emphasis on network and data security.

Security is in Northern Light’s DNA

Security is in Northern Light’s DNA.  For over 20 years, we have provided knowledge management systems optimized for market and competitive intelligence to the world’s largest research-driven enterprises.  They will accept nothing less than top-flight security, nor should they; after all, their knowledge assets represent invaluable intellectual property that sits at the heart of their products and services, the very core of their businesses.

Northern Light follows industry best practices for data security in every regard.  Client applications are individual instances, not a multi-tenant architecture, which means one client’s data is never co-mingled with another client’s data.  Miss-delivery of content is impossible with our single-tenant architecture.

A knowledge management network fortress

Also, Northern Light’s network is a fortress with:

  • NextGen Palo Alto firewalls (highest rated firewalls)
  • CrowdStrike Falcon monitors on every server and endpoint that will proactively halt a suspicious process without waiting for human review and approval (highest rated Intrusion Detection System)
  • Packet sniffers from PacketWatch that examine every packet across the network
  • Encryption of content using an AES 256 algorithm
  • Secure encryption key storage off network using AWS Key Management,
  • Support of Bring Your Own Key so clients can manage the encryption key (BYOK),
  • Encryption between the client and Northern Light and between devices in Northern Light’s datacenter
  • 24×7 monitoring of network alerts by PacketWatch and CrowdStrike data security experts

Northern Light is SOC 2 certified and has an annual penetration test performed by SilverSky.  Northern Light’s development process for any change to any client application includes three security scans (development server, preview server, production server) and a code review by tech leads to ensure our secure coding standards have been followed.  Northern Light uses industry standard tools to scan source code, incorporated software libraries, and network devices for security issues and licensing compliance.

According to independent third-party analyses from SecurityScorecard, Northern Light has perfect scores in all areas, including the three critical areas of network security, patching cadence, and application security.  Northern Light is the only provider of knowledge management systems for competitive intelligence and market research with perfect scores from SecurityScorecard.

Generative AI data security

As you might expect, given this fanatical focus on all things security, client data security in Northern Light’s generative AI-based question answering feature is paramount.  (We currently leverage OpenAI’s GPT 3.5-Turbo large language model.)  Northern Light is using a private and secure enterprise account at OpenAI, not the public facilities like ChatGPT.  The communication between OpenAI and Northern Light is encrypted.  OpenAI operates a secure enterprise-level datacenter with SOC 2 certification and OpenAI encrypts all content in its possession with an AES 256 algorithm.  Also, OpenAI agrees contractually to not use the content, questions, or prompts we send for any purpose except answering the user’s questions – they can’t use them to train models or for R&D.  Furthermore, OpenAI has agreed to the “Zero Day Retention” of the content, questions, and prompts we send them.  With Zero Day Retention, the content, questions, and prompts we send them disappear immediately from OpenAI’s servers as soon as the answer to the user’s question has been generated and sent back to Northern Light.

All of this is to say: when it comes to enterprise knowledge management platforms, there’s no such thing as too much security.  Northern Light has taken that philosophy to heart, so its clients can rest assured their market and competitive intelligence assets are safe.

Back To Top