Security & Trust

Traffic Encryption

Nile provides complete encryption from and to our cloud via HTTPS with Mutual Authentication. This ensures our customer information is protected from snooping and protects the integrity of our customer’s data.

Microservice Security

Nile’s service is composed of different microservices, designed to be agile. From building to packaging these microservices, we follow industry best practices to secure them and continuously monitor them to detect unusual activities quickly. We’ve created an agile and secure methodology for our CI/CD. For example, our team continuously scans for dependencies and ensures that the image repositories we use are secure. We use HTTPS in for communications between microservices.

Protect Data in Transit and at Rest

Nile believes our customers should have a high level of confidence in our commitment to security and privacy when using our service. Customers’ data is kept to a minimum for troubleshooting purposes and is compliant with industry standards. All data is fully encrypted as part of our security design using widely accepted encryption standards like Advanced Encryption Standard (AES) and schemes like AES-GCM-SIV.

Cloud Console Access

Nile’s cloud console is kept to least-privileged access and is highly monitored for unusual activities. Resources with access to our cloud console have to use MFA to access the console, and their access is restricted to a set time with auto disconnect. In addition, all authentications are required to go through our SSO system.

Tenant Isolation

Isolating tenants to ensure data integrity, security, and privacy is VERY important to us. Our strategy centers around the individual tenant’s identity and other constructs to guarantee tenant isolation. Every service uses the tenant scoping context for all interactions.

Threat Modeling

Examining applications and their interactions (both internal and external) through the lens of security. We have provisions and processes in place to work with customers in case of an incident, or an unusual behavior is detected. Within our Security Operation Center (SOC), our analysts regularly test any security processes to ensure that best practices are followed. Our security processes utilize automation with human monitoring to ensure accuracy and reduce risk.

Static Code Analysis

Automatic security scanning is built into our CI/CD pipeline to identify Software Supply Chain vulnerabilities. Our developers understand open source software (OSS) can have vulnerabilities, so we have strict guidelines on which to choose while maximizing customer experience and performance. These guidelines are constantly reviewed and updated to ensure modern techniques and practices are used.

Image & Application Scanning

A multi-stage, multi-tool approach is used to identify vulnerabilities in packages in our images before they are deployed. Additionally, continuous application scans are conducted to detect issues and misconfigurations.

Penetration Testing

Nile performs penetration testing regularly in-house and uses highly qualified 3rd party penetration testers.

As part of our commitment to being transparent, we always share the penetration testing summary results when engaging with our customers.

Separation of Duties (SOD) and Least Privilege Access

Least-privilege access is done for all of our IT tools and Applications. We have an access review program that frequently checks for a user’s permission to ensure they are only given minimum access required to perform their duties.

Multi-level approvals are applied by raising tickets to ensure separation of duties.

MFA Everywhere

All employees must use multi-factor authentication (MFA) to log into our applications and services.

Vendor Management

We use stringent security requirements utilizing questionnaires on a vendor’s security practice, feature support like SSO, and role-based access control for all 3rd party applications is mandated. These processes are closely followed every time a new application is onboarded.