At Nexthink, Information Security, Data Privacy, and Compliance are our top priorities. We are committed to maintaining the most demanding business processes and protocols in support of these. Our Trust Center is here to help you understand what we are doing to ensure the utmost security, privacy, and compliance in all products and services that we provide.
Nexthink maintains a comprehensive set of certifications and attestations which validate our commitments. Read below for more information.
AICPA SOC2 Type 1 is a report on the fairness of the presentation of management’s description of the Nexthink organization’s system and the suitability of the design of the controls to achieve the related control objectives set forth in the Trust Services Criteria (Security and Availability) and included in the description as on 24th of June 2021.
The International Organization for Standardization 27001:2013 Standard (ISO 27001:2013) is an information security standard that ensures office sites, development centers, support centers and data centers are securely managed. These certifications run for 3 years (renewal audits) and have annual touch point audits (surveillance audits).
ISO 27017:2015 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the ISO 27001:2013 standards. This code of practice provides additional information security controls implementation guidance specific to cloud service providers.
The International Organization for Standardization 27018:2019 Standard (ISO 27018:2019) covers privacy protections for the processing of personal information by cloud service providers.
CSA Star Level 1 – Nexthink has made available documents related to securing sensitive data in the cloud to Cloud Security Alliance (CSA) Security, Trust & Assurance – Level 1.
Our customers’ security and privacy is our highest priority. We make every effort to protect the privacy of our customers’ data and provide our customers complete transparency into our practices.
For more information please visit our Global Privacy Hub.
We take security seriously at Nexthink. As part of our ongoing commitment to provide a best-in-class cloud service, we leverage independent third parties to help us strengthen our security. If you think you have discovered a security vulnerability, we appreciate your help in disclosing it to us in a responsible manner by emailing us at firstname.lastname@example.org.
For more information, please see the Nexthink Responsible Disclosure Policy.