Enterprise Security and Compliance

We value your security and privacy

At Nestor, we take data security and privacy extremely seriously. Our team is driven by integrity and the utmost care to run tasks while securely maintaining customer data and personal information. We’ve outlined below some critical measures we have in place to ensure your enterprise security level and compliance.

Data protection

Data encryption

  • Data in transit: All data transferred between the user's browser and Nestor's servers is encrypted in transit. Nestor uses bank-grade TLS 1.2.
  • Data at rest: Data is encrypted at rest using 256-bit encryption via native AWS capabilities.

Data center security

  • Data center provider: Nestor uses Amazon Web Services (AWS) to host its production servers, databases, and supporting services.
  • Virtual Private Cloud: Our infrastructure is hosted in AWS VPCs.
  • Physical security: Nestor's infrastructure is managed by AWS. Please see this page for full details: https://aws.amazon.com/security/
  • Access monitoring: Accounts and permissions are reviewed on a regular basis to ensure that the principle of least privilege is maintained.

Data availability

  • Backups: Nestor's production systems and data are backed up on a regular basis. All data is persisted in a database that has transaction logging enabled and is fully backed up daily.

Data isolation

  • Database: Nestor keeps customer data segregated from other customers' data through a dedicated database for each customer.
  • Dedicated server instance:¬†Nestor uses single-tenant application servers for enterprise customers.

Application security

Authentication

  • Customers can enable native Nestor authentication and/or Enterprise SSO for end-user authentication.

Role-Based Access Control

  • Access to Nestor's systems is limited based on employee roles and responsibilities. Admins can provide limited-access permissions to certain accounts.

Testing and review

  • All changes to our application are subject to review and testing before being merged.

Separate environments

  • Nestor maintains segregated testing, development, and production environments.

Audit logging

  • User activities within Nestor are available in audit logs.

Vulnerability management

Penetration testing

  • Nestor's team conducts regular penetration tests to identify deficiencies in the system that may affect critical assets.

Vulnerability scanning

  • Nestor conducts regular scans of our applications, systems, and infrastructure for security risks and vulnerabilities.

Code analysis

  • Nestor's code repositories are regularly scanned for security issues using static code analysis.