Securestorm - Low Code development platform

Knack is an easy to use "Low-Code development platform" that transforms data into powerful online databases, with clean interfaces, that requires no coding. With Knack you can structure data with data types that make sense, connect data by linking related records together and extend data with special options and integrations.


  • Low Code development
  • Build a custom solution that fits your exact needs
  • 14 day free trial!
  • Create flexible interfaces with tables, forms, searches, maps, etc
  • Create database object types that add powerful functionality
  • Get started quickly with templates you can customise and tweak
  • Control users access to specific content, via roles and permissions
  • Add payments to create powerful E-Commerce applications
  • Knack provides flexible tools to easily implement realtime workflows
  • Customise Knacks's functionality, interface/design, with CSS and Javascript


  • Completely Customise to User Needs
  • Suitable for OFFICIAL classified workloads and information
  • Low code development enables rapid creation and deployment of services
  • Live Data, Instant Insights
  • lays Well With Others via API and Webhook Integrations
  • Free app assistance with live chat with english-speaking humans
  • Accept Payments With No Coding (Easy E-Commerce)
  • Speed & Security Reliability
  • Automated notifications allow for easy sharing of data
  • Mobile Access allows for anytime anywhere input/delivery of business data


£35 to £850 per unit per month

Service documents

G-Cloud 9



Mr N Nistar

0203 8655890

Service scope

Service scope
Service constraints No.
System requirements N/A

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Knack provides a range of support options depending on the subscription plan purchased: Basic Support includes email and online ticketing support via their online support site, Monday to Friday between 10am and 6pm EST, USA time, with response within 1 - 2 days, as well as web chat support from within the Knack platform, which is within 24 hours response time. See out service description for more details on the Support packages available in the subscription plans.
User can manage status and priority of support tickets No
Phone support No
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Chat is great for general questions on how to build your app. Even if Knack support aren't immediately available we'll reply as soon as possible. Knack web chat availability is Monday - Friday 10am to 6pm EST USA, although you'll often find Knack support on at other hours.
Knack web chat is accessible from within the Knack development platform, by simply clicking on the Knack logo icon in the bottom right-hand corner of the builder screen.
Web chat accessibility testing None.
Onsite support Yes, at extra cost
Support levels Securestorm free email support is available Monday to Friday, 9am to 5pm, UK, with a response within 24 hours. Securestorm can provide on-site support, configuration and consultancy, as part of a separate Cloud Support Service on the Digital Marketplace. The online support site has a range of FAQs, guides and manuals, free and available 24/7. Knack Basic Support: free online ticketed support, and web-chat support are both available Monday to Friday, 10am to 6pm EST, USA, with response within 1 - 2 days. Knack Priority Support: same as Basic, but also includes phone or Skype support, within 24 hours. Knack Premier Support: includes a dedicated Support Manager, and same day response.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started has an online support site that includes a "Getting Started" page, with easy to follow instructions, documentation, videos, case studies and guidance.
As a provider of application and database services, (together with its affiliates, "Knack") offers its customers (also known as subscribers), and their customers and users, the means to acquire and disseminate electronic data, files and information. While Knack acknowledges that the internet can provide a forum for free and open dissemination of information, Knack reserves the right to take certain preventative or corrective actions as it deems appropriate. To this end, Knack has developed this Knack Acceptable Use Policy (this "Policy"), which supplements certain terms of each customer's respective service agreement and is intended as a guide to such customer's rights and obligations when utilizing Knack's services.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction has Zero data lock-in. Export your records at any time into CSV, text, or JSON files.
End-of-contract process At the end of the contract or subscription period, access to the Knack dashboard will be closed, and the data cleansed. It is suggested that prior to the cut-off date, that any data that is to be retained, is downloaded as either a CSV, JSON or text file.

Using the service

Using the service
Web browser interface Yes
Using the web interface Users can setup, build, configure, design, develop, change and edit applications and databases through the web interface. There are no limitations via the web interface, though it is suggested that application development is not done via a mobile phone or tablet device.
Web interface accessibility standard WCAG 2.0 AAA
Web interface accessibility testing WCAG 2.0 AAA site checking service has been conducted against the platforms web interface.
What users can and can't do using the API Knack offers a comprehensive API that gives designers and developers full access to update and customize Knack applications. Users can: use the Knack API to create, retrieve, update, and delete application records; use client-side JavaScript to trigger actions when your users perform specific events in your live applications; use CSS to customize your application's design, including the layout, colours, and text. The Knack API is organized around REST. Has predictable, resource-oriented URLs, and uses HTTP response codes to indicate API errors. Knack use built-in HTTP features, like HTTP authentication and HTTP verbs, which are understood by off-the-shelf HTTP clients. The API follows most conventions of RESTful architecture. Any requests which require authentication must always be authenticated, as our servers do not retain information from previous requests. Our routes are reliably simple and lack more than a few levels of nesting. All data sent to and from the API must be in JSON format. Knacks online guides provide example API requests throughout the documentation.
API automation tools Other
Other API automation tools
  • Zapier
  • Webhooks
API documentation Yes
API documentation formats
  • HTML
  • Other
Command line interface No


Scaling available Yes
Scaling type Automatic
Independence of resources Knack is built on AWS cloud infrastructure and as such, has been architected to scale on demand without effecting user services. Number of applications, quantity of records and storage used are limited based on the level of subscription plan. The plan limits are stated and tracked on the user’s platform dashboard.
Usage notifications Yes
Usage reporting Other


Infrastructure or application metrics Yes
Metrics types
  • Memory
  • Number of active instances
  • Other
Other metrics
  • Number of Database records used
  • Amount of storage used
Reporting types Real-time dashboards


Supplier type Reseller providing extra support
Organisation whose services are being resold

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • All databases - backed up twice daily
  • Recent versions of records - instantly
  • Older versions of records - longer recovery from archives
  • Export records into CSV, text, or JSON files.
Backup controls Knack is resilient by design, based on Amazon Web Services cloud, with infrastructure across multiple availability zones. Knack stores multiple copies of every change ever made to your database in multiple locations.
Whether you accidentally delete a single record, or your intern deleted the entire database again when you weren't looking -- we'll be able to find a backup and restore it. Active Backups - All recent versions of your records are stored in active databases that can be found and retrieved almost instantly. Archives - Older versions of your records are stored in longer term archives.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Knack provides a 99.9% uptime guarantee. This means that for any given month, while unlikely, it is possible that Knack may experience an average downtime of up to 2678 seconds excluding scheduled maintenance. If an outage exceeds a cumulative of 2678 seconds in a month, Knack will credit 5% of the Your base monthly recurring fee for the affected account, per hour of downtime.
This guarantee covers Knack's internal infrastructure including application and database servers, routers, switches, the cables connecting them, and connectivity to our backbone providers. This guarantee does not cover email delivery.
Scheduled Maintenance means any maintenance on the equipment and services that affect the uptime of Knack, for which You are notified at least 24 hours in advance.
Notice of Scheduled Maintenance will be provided to your account administrator by a method elected by Knack (email or telephone).
Nothing in this agreement shall prevent Knack from conducting emergency maintenance on an as-needed basis.
Approach to resilience Knack is built on AWS cloud infrastructure, and has been built to be resilient by design.
Multiple Databases - Knack mitigates database failures by storing your data in multiple databases, so if one database goes down the other databases can pick up the slack. Each change made to your database immediately propagates to these redundant versions.
Multiple Locations - Having multiple databases won't help if they are all stored in a single location. One well placed meteor landing and those databases are gone. Knack mitigates location failure by storing the extra databases in different geographic locations.
Built in Redundancy - Knack uses AWS features like Auto-Scaling and Elastic Load Balancing to ensure that our production systems remain online and traffic is always routed to healthy instances. Knack continuously replicates your data and have it ready to bring online if any primary nodes fail.
Offline Backups - Knack stores physical backup files in a separate location from the servers as a final safeguard in case of major catastrophe. These backups are made on a daily basis and are encrypted using AES-256 encryption keys.
Outage reporting Email alerts will be provided for any scheduled or unscheduled down time. In the event that scheduled maintenance may unduly affect Your operations, it shall be Your responsibility to so notify Knack Technical Support via to discuss any necessary arrangements.

Identity and authentication

Identity and authentication
User authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
  • Other
Other user authentication Password Protection - Password protect your apps with encrypted password technology, so that only authenticated users can access it. You can configure multiple registration options for adding new users.
Advanced Logins - Integrate your Active Directory or LDAP users for Single Sign On to limit access to your established users.
IP Blocking - Optionally restrict access to your app to specific IP addresses or IP blocks.
Record Level Security - Design your application so that each logged-in user can only access the records that are connected to them.
Access restrictions in management interfaces and support channels VPN Access - All access by Knack employees to customer data is governed by a secure virtual private network. This access is monitored and can be revoked at any time.
Access Logging - Every access request to your data by a Knack employee is logged and time-stamped. We can confirm exact access by the Knack team to any data in the unlikely case that this log is needed.
Support Access - The Knack team will sometimes need to access your data for support services. We only do this at your request and when necessary to resolve the issue.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 EY CertifyPoint
ISO/IEC 27001 accreditation date 11/11/2016
What the ISO/IEC 27001 doesn’t cover The Amazon Web Services ISO27001 certification includes the infrastructure that the Knack Platform is built on. The Knack platform, however, is not included within the ISO27001 certification scope.
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date 11/11/2016
CSA STAR certification level Level 2: CSA STAR Attestation
What the CSA STAR doesn’t cover The Amazon Web Services CSA STAR certification includes the infrastructure that the Knack Platform is built on. The Knack platform, however, is not included within the certification scope.
PCI certification Yes
Who accredited the PCI DSS certification Coalfire Systems, Inc.
PCI DSS accreditation date 30/04/2016
What the PCI DSS doesn’t cover The Amazon Web Services (AWS) PCI DSS certification covers the AWS infrastructure that the Knack platform is built on. The Knack platform is not covered by the certification scope.
Other security accreditations Yes
Any other security accreditations
  • Cyber Essentials
  • National Cyber Security Centre certified Cyber Security Consultancy

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
  • Other
Other security governance standards Securestorm is Cyber Essentials certified. The underlying infrastructure is provided by Amazon Web Services, who are: ISO27001:2013, PCIDSS, CSA CCM, SOC2, BSI C5 and Cyber Essentials certified.
Information security policies and processes Securestorm has implemented an Information Security Policy, including: Data Protection and Privacy, Classifications, Backup and Recovery, Encryption, Data Erasure and Destruction, Change Management and Testing. All processes that staff are required to follow are detailed in the Securestorm Employee Handbook. All security issues are report to the Securestorm CISO.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Infrastructure is provided by AWS - See AWS SOC2 Report, September 2016, CC7.4. See also AWSCA-6.1 - Applies a systematic approach to managing change.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Infrastructure is provided by AWS - See AWS SOC2 Report, September 2016, CC3.1, CC6.1, CC7.4.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Infrastructure is provided by AWS - See AWS SOC2 Report September 2016, CC3.1, CC6.2, CC7.4.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Knack DDoS Mitigation - AWS provides a robust platform that is not only pre-built to mitigate some attacks, but it also allows Knack to react quickly to spread out impact if there is an attack.
Infrastructure is provided by AWS - See AWS SOC2 Report September 2016, CC3.1.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Third-party
Third-party virtualisation provider Amazon Web Services
How shared infrastructure is kept separate Knack use Amazon Web Services to power everything that Knack has to offer. As a Knack customer you inherit all the best practices of AWS policies, architecture, and operational processes. AWS is considered the industry leader in cloud services and is trusted by organizations like HMRC, Home Office and the MoJ. Amazon's secure data centres enable the redundancy and scaling that equates to a secure and reliable service for your Knack databases. Knack maintains a privacy policy that outlines their commitment to respecting your privacy and the privacy of the information in your account.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £35 to £850 per unit per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Try Knack free for 14 days. No credit card required and you can cancel at any time. The free trial version includes: Up to 20,000 records; 2 GB of storage; build up to 3 applications; and Basic Support.
Link to free trial


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑