SECURITY
CERTIFICATIONS
KEEPING YOUR DATA SAFE
TECHNICAL SAFEGUARDS
We understand how critical data is to you. In a digital world where data breaches and security incidents are commonplace,
we’re obligated to protect your most sensitive information.
We preserve the confidentiality, integrity and availability of your data by building quality without compromise into the software and services we deliver. This includes compliance with internationally recognized information security standards; physical, administrative and technical controls; highly trained security professionals; a 24-hour security operations center; strong encryption; and safeguards built into our software development lifecycle.
SECURITY
CERTIFICATIONS
All Nuix software has been certified compliant with the ISO 27001, 27017 and 27018 information security standards. We maintain rigorous information security management systems for our software as a service (SaaS) and software development environments.
Nuix Discover® has been assessed under the Australian Cyber Security Centre’s Information Security Registered Assessors Program (IRAP) and the Australian Prudential Regulation Authority CPS 234 regulation for Australian financial institutions and their suppliers.
Nuix is a member of the Cloud Security Alliance. We also assess our software and operations against the US Government Federal Risk and Authorization Management Program (FedRAMP), United Kingdom G-Cloud and German C5 standards.
KEEPING YOUR DATA SAFE
Our software development lifecycle includes formal design reviews; peer review; static and dynamic code analysis; and external third-party application security tests.
Nuix encrypts customer data at rest using AES 256 encryption and in transit using SSL certificates. You can run Nuix Workstation and the Nuix Engine in FIPS mode, meeting the US Government’s Federal Information Processing Standard 140-2 for cryptographic modules.
We have deployed security information and event management technology and monitor activity across our systems from a 24x7 security operations center.
Nuix employs trained security professionals who have worked for military, law enforcement and intelligence agencies and security software and consulting firms. Their skills include intrusion detection; vulnerability management; malware reverse engineering; penetration testing; cryptography; application development and security; and digital forensics and incident response.
All Nuix personnel undergo police background checks in the jurisdictions where they work. Our employees are contractually required to store, process, and transmit all customer information in the strictest confidence.
TECHNICAL SAFEGUARDS
Nuix SaaS environments are protected with: