Security Statement
  • 31 Jan 2023
  • 1 Minute to read

Security Statement

Article summary

Nexudus will implement and maintain the following security measures:

  1. Organisational management and dedicated staff responsible for the development, implementation
    and maintenance of Nexudus’ information security program.

  2. Audit and risk assessment procedures for the purposes of periodic review and assessment of
    risks to Nexudus’ organisation, monitoring and maintaining compliance with Nexudus’ policies and
    procedures, and reporting the condition of its information security and compliance to internal
    senior management.

  3. Data security controls which include at a minimum logical segregation of data, restricted (e.g.
    role-based) access and monitoring, and utilisation of commercially available and industry
    standard encryption technologies for Customer Personal Data.

  4. Logical access controls designed to manage electronic access to data and system functionality
    based on authority levels and job functions.

  5. Password controls designed to manage and control password strength, expiration and usage.

  6. System audit or event logging and related monitoring procedures to proactively record user
    access and system activity.

  7. Physical and environmental security of data centers, server room facilities and other areas
    containing Customer Personal Data designed to protect information assets from unauthorised
    physical access or damage.

  8. Operational procedures and controls to provide for configuration, monitoring and maintenance of
    technology and information systems, including secure disposal of systems and media to render all
    information or data contained therein as undecipherable or unrecoverable prior to final disposal or
    release from Nexudus’ possession.

  9. Change management procedures and tracking mechanisms designed to test, approve and
    monitor all material changes to Nexudus’ technology and information assets.

  10. Incident management procedures designed to allow Nexudus to investigate, respond to, mitigate
    and notify of events related to Nexudus’ technology and information assets.

  11. Network security controls that provide for the use of enterprise firewalls and intrusion detection
    systems designed to protect systems from intrusion and limit the scope of any successful attack.

  12. Vulnerability assessment and threat protection technologies and scheduled monitoring
    procedures designed to identify, assess, mitigate and protect against identified security threats,
    viruses and other malicious code.

  13. Business resiliency/continuity and disaster recovery procedures designed to maintain service
    and/or recovery from foreseeable emergency situations or disasters.

Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.