Security Policy and Data Protection procedures of Nios4 Platform

The security of Data of our customers is a priority for us of the Software House D-One, the Developers of Nios4 Platform with native technology, on 5 Operating Systems. We work to protect your data and its security.

If you have any questions about the security of your data, or to let us know about a vulnerability, Submit requests via the Nios4 Help Portal: https://nios4.cloud/help/

Security of data centers

Our services are hosted on Amazon Web Services (AWS) infrastructure, which provides integrated end-to-end security features. For more details on AWS security: https://aws.amazon.com/security/.

AWS data centers are protected from any unauthorized access, and certified by third parties that ensure complete security of your data. You can find the list of certifications on https://aws.amazon.com/compliance/programs/, and more information about data centers on https://aws.amazon.com/compliance/data-center/data-centers/.

Server and network security

Our servers are protected by firewalls to prevent unauthorized access to our network and block unwanted traffic. Testing and development activities are hosted on a separate network from the systems on which our customers' data reside.

Our team receives automatic notifications in case of abnormal activity in the production environment.

All our servers are protected by disabling unused ports and accounts, removing default passwords, and so on. The operating systems in use are also configured to the highest degree of protection.

Data security

The data of each customer are logically separated from the data of other customers, that is, they reside on different databases with different access credentials. This ensures that each customer’s data does not become accessible to any other customer.

Your data is stored on our servers, but it always remains your property. We do not share this data with third parties without your consent.

The development modes of all our applications, both server and client, help mitigate threats such as SQL-injection, cross-site scripting, session stealing, and session fixation attacks.

Encryption in transit
All data transmitted to and from our servers on public networks is protected using advanced encryption protocols. Connections to our servers, the web-app, access to APIs, and all of our desktop and mobile apps use the HTTPS protocol with Transport Layer Security (TLS 1.2 and TLS 1.3) supporting the most modern and advanced encryption.
This ensures a secure connection by allowing authentication of both parties involved (servers and apps) and encrypting the data to be transferred.
For technical information on supported protocols and encryption, you can consult the report at https://www.ssllabs.com/ssltest/analyze.html?d=nios4.cloud.

Monitoring and logging
We monitor and record information about the use of our services in the form of event logs and error logs. Logs are analyzed in case of anomalies, to identify unusual activities or attempts to access customer data.

Backup and delete your data
We retain your data as long as you choose to use our services. After 1 month from the expiration of the service your data will no longer be accessible, but we can recover them within 3 months. We also keep an offline backup for an additional 6 months.
If you decide to delete your account, all your data will be deleted immediately. Again, deleted data will be deleted from offline backups after 6 months.
You can also export and store your data yourself at any time by visiting the https://nios4.cloud/? page=my_cloud_dbs page.

Incident Management and Breach Notification
As data controllers, we inform the Data Protection Authority of any data breach, within 72 hours from the moment we become aware of it, in accordance with the General Data Protection Regulation (GDPR). Depending on the specific needs, we also inform customers. Link: https://drive.google.com/file/d/1a1O73BXUzIFBxpUT9m0CNEu1ZmA7HF4u/view?usp=sharing

Responsible Disclosure
We are committed to working together to verify, reproduce, and implement appropriate solutions to close any reported vulnerabilities.
If you would like to report a vulnerability, you can submit requests via the Nios4 Help Portal: https://nios4.cloud/help/

Safety checks
Finally, here is what you, as our customer, can do to ensure the security of your data:

• Choose a secure password, different from the passwords you use for other services.
• Use the latest versions of our desktop and mobile applications, and make sure you always update your browser and the operating system of your device to the latest version, so as to be protected against known vulnerabilities and to use the latest security features.
• Do not leave devices connected to your account unattended.
• Properly design and manage user categories and access permissions to your service data.
• Beware of phishing and malware, don’t trust unknown email messages and websites.

If you would like to report a vulnerability, you can submit requests via the Nios4 Help Portal: https://nios4.cloud/help/

Security Policy and Data Protection procedures of Nios4 Platform

If you have any questions about the security of your data, or to let us know about a vulnerability, Submit requests via the Nios4 Help Portal: https://nios4.cloud/help/ Security of data centers

Server and network security

Data security

DATA PROTECTION IMPACT ASSESSMENT - GDPR

Risk Analysis and Procedures for SaaS Database Management

Risk Analysis and Procedures_ Internal Checklist

Risk Analysis and Procedures_ One-Pager

Operating Procedure – Access to Customer Databases

Operating Procedure – Management of Inadmissible Data

Operating Procedure – Incident and Anomaly Management

Operating Procedure – Customization of Customer Databases

Operating Procedure – Customer Technical Support

If you have any questions about the security of your data, or to let us know about a vulnerability, Submit requests via the Nios4 Help Portal: https://nios4.cloud/help/

Security of data centers