We value the trust our customers place in our service. From developing our software to delivering the service to our customers, security is inherently designed in every element of the network. Every team member at Nile is required to follow mandatory security practices to ensure our customers are not affected by human risk. Our Security Team leads the service with continuous security programs and practices like frequent penetration testing, vulnerability assessments, and least-privilege access controls. As part of our commitment to security and transparency, we actively work with our partners and customers to share our process so they can participate in helping improve our service for all.
We believe security starts and ends with people. In addition to leveraging automation as often and as much as possible, eliminating complexity and simplifying where we can, the human element needs to also be secured. That's why Nile has developed a customer-centric culture with a security-first mindset.
First, we've made it extremely easy for engineers and other employees to raise security concerns and awareness. All of our employees are required to go through recurring security training. We also have processes to ensure employees practice safe security and detect when they deviate from normal behaviors.
We have provisions and processes in place to work with customers in case of an incident, or an unusual behavior is detected. Within our Security Operations Center (SOC), our analysts regularly test any security processes to ensure that best practices are followed. Our security processes utilize automation with human monitoring to ensure accuracy and reduce risk.
Our team empowers us to deliver first-class experiences to our customers. In order to protect our customers, the Nile Security Team uses a proactive recertification process to continuously review our external access posture and ensure that only the right resources will have the right access at the right time.
The SOC 2 Type II is the gold standard for describing the security controls of cloud service providers. It provides a tremendous amount of detail about the security controls in place within an organization. It also includes the checks that an auditor applies to validate those controls have been in place over an audited time period. If you are interested in viewing Nile’s SOC 2 report, please contact our team for a copy.
ISO 27001 (formally known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization’s information risk management processes.
STAR encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in the Cloud Controls Matrix (CCM). Publishing to the registry allows organizations to show current and potential customers their security and compliance posture, including the regulations, standards, and frameworks they adhere to. It ultimately reduces complexity and helps alleviate the need to fill out multiple customer questionnaires.
Wi-Fi CERTIFIED™ is an internationally recognized seal of approval for products indicating that they have met industry-agreed standards for interoperability, security, and a range of application specific protocols. Certification means that a product has been tested in a variety of ways to validate interoperability with other Wi-Fi CERTIFIED equipment operating in the same frequency band. Wi-Fi CERTIFIED products undergo rigorous testing.
Read our compliance whitepaper to understand how Nile does compliance for well-known standards for financial organizations or organizations dealing with sensitive financial information.
Nile has applied privacy by design and privacy by default principles in its services right from the get go.
Nile constantly ensures that we collect only the minimum data necessary to support our service.
We require explicit consent of the customer to be obtained when accessing customer data during support or debugging issues. All of these access are recorded and made available to customers in Audit logs within their Nile Portal.
We have built and continuously developed a security-first mindset with strict training within the organization on how to deal with customer data (e.g. PII information).
Subscribe to The Secure Edge – a monthly newsletter on Zero Trust, NaaS, and Modern IT for CIOs, CISOs, and NetSec practitioners
