Trust Center
Trust in the reliability of our services and the security of your data
At Nexthink, Information Security, Data Privacy, and Compliance are our top priorities. We are committed to maintaining the most demanding business processes and protocols in support of these. Our Trust Center is here to help you understand what we are doing to ensure the utmost security, privacy, and compliance in all products and services that we provide.
Nexthink maintains a comprehensive set of certifications and attestations which validate our commitments. Read below for more information.
AICPA’s System and Organization Controls (SOC) 2 Type 2 is a report on the suitability, design, and operating effectiveness of Nexthink’s controls, over a monitoring period, to achieve the related control objectives set forth in the Trust Services Criteria (TSC) - security and availability.
The International Organization for Standardization (ISO) 27001:2013 standard provides guidance for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS) to manage risks related to the security of data owned or handled by Nexthink.
ISO 27017:2015 standard provides guidance for implementing cloud-specific information security controls in the cloud computing environment.
ISO 27018:2019 standard provides guidance for implementing measures to protect Personally Identifiable Information (PII) in the cloud computing environment.
ISO 27701:2019 standard provides guidance for establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS) for Nexthink’s role as a PII processor.
ISO 27017, ISO 27018, ISO 27701 controls supplement the guidance of the ISO 27001 standard. Nexthink undergoes annual surveillance audit, and renewal every three years, for these ISO standards.
CSA Star Level 1 – Nexthink has made available documents related to securing sensitive data in the cloud to Cloud Security Alliance (CSA) Security, Trust & Assurance – Level 1.
Privacy
Our customers’ security and privacy is our highest priority. We make every effort to protect the privacy of our customers’ data and provide our customers complete transparency into our practices.
For more information please visit our Global Privacy Hub.
Responsible Disclosures
We take security seriously at Nexthink. As part of our ongoing commitment to provide a best-in-class cloud service, we leverage independent third parties to help us strengthen our security. If you think you have discovered a security vulnerability, we appreciate your help in disclosing it to us in a responsible manner by emailing us at responsible-disclosure@nexthink.com.
For more information, please see the Nexthink Responsible Disclosure Policy.
