About nuix_quality without compromise
Keeping your data safe.
By Using Nuix Technology, You’re Choosing To Work With Ever-Vigilant Professionals Whose Mission Is To Keep Your Data Safe.
We understand how critical data is to you. In a digital world where data breaches and security incidents are commonplace,we’re obligated to protect your most sensitive information.
We preserve the confidentiality, integrity and availability of your data by building quality without compromise into the software and services we deliver. This includes compliance with internationally recognized information security standards; physical, administrative and technical controls; highly trained security professionals; a 24-hour security operations center; strong encryption; and safeguards built into our software development lifecycle.
ISO 27001 Certified
All Nuix software has been certified compliant with the ISO 27001, 27017 and 27018 information security standards. We maintain rigorous information security management systems for our software as a service (SaaS) and software development environments.
Nuix Discover® has been assessed under the Australian Cyber Security Centre’s Information Security Registered Assessors Program (IRAP) and the Australian Prudential Regulation Authority CPS 234 regulation for Australian financial institutions and their suppliers.
Nuix is a member of the Cloud Security Alliance. We also assess our software and operations against the US Government Federal Risk and Authorization Management Program (FedRAMP), United Kingdom G-Cloud and German C5 standards.
Software development lifecycle.
Our software development lifecycle includes formal design reviews; peer review; static and dynamic code analysis; and external third-party application security tests.
DATA ENCRYPTION AT REST AND IN TRANSIT
Nuix encrypts customer data at rest using AES 256 encryption and in transit using SSL certificates. You can run Nuix Workstation and the Nuix Engine in FIPS mode, meeting the US Government’s Federal Information Processing Standard 140-2 for cryptographic modules.
We have deployed security information and event management technology and monitor activity across our systems from a 24x7 security operations center.
Nuix employs trained security professionals who have worked for military, law enforcement and intelligence agencies and security software and consulting firms. Their skills include intrusion detection; vulnerability management; malware reverse engineering; penetration testing; cryptography; application development and security; and digital forensics and incident response.
Nuix SaaS environments are protected with:
- Next-generation antivirus software, network intrusion prevention systems and host-based intrusion prevention systems
- Firewalls throughout our SaaS environment using granular access control lists Network-based data loss prevention systems
- Regular scans for known vulnerabilities, misconfigurations, missing patches and insecure services
- Regular patches to systems and applications