Security and Compliance¶
NTWIST products handle customer process data, operating models, and identity information. This section summarizes our security posture, data handling practices, and access controls.
Sections¶
- Overview: NTWIST's compliance posture and the principles behind our security program.
- Data Handling: how customer data is stored, processed, and transmitted.
- Access Controls: authentication, authorization, and personnel access to customer environments.
Summary¶
| Topic | Position |
|---|---|
| Compliance posture | SOC 2 Type I in active audit, 2026 |
| Default data residency | Customer infrastructure, no data egress by default |
| Encryption in transit | TLS 1.2 or higher, enforced |
| Encryption at rest | Enforced on customer-managed disks per customer policy |
| Identity | SSO via customer identity provider (SAML or OIDC) |
| Personnel access to customer environments | Zero-trust gateway, MFA, fully logged |
| Penetration testing | Periodic third-party assessment |
| Vulnerability management | Continuous scanning, defined remediation SLAs |
Contacting NTWIST security¶
For security questions, vulnerability reports, or compliance documentation requests, contact your customer success lead, or reach NTWIST security through the Contact page.