Security & Trust
NexaSec is built as a security-first service. Our operating model, access methods, and data handling practices are designed to minimise risk and meet modern compliance expectations.
Access Model
- ✔ Read-only access by default
- ✔ No configuration changes without written approval
- ✔ No shared credentials
- ✔ Principle of least privilege
Data Handling
- ✔ No firewall configuration data stored long-term
- ✔ Logs reviewed but not retained unless agreed
- ✔ Secure communication channels only
- ✔ Client data never shared with third parties
Operational Security
- ✔ Change control and approval processes
- ✔ Environment segregation
- ✔ Continuous improvement and review
- ✔ Incident-aware operating procedures
Standards Alignment
- ✔ Fortinet best-practice alignment
- ✔ CIS benchmark awareness
- ✔ Audit-friendly reporting
- ✔ Cyber-insurance readiness support