Data Handling¶
This page describes how customer data is stored, processed, and transmitted in an NTWIST deployment.
Data residency¶
The default residency model is customer-resident: all customer process data, operational data, and operating models are stored and processed on customer infrastructure. NTWIST does not operate a multi-tenant public SaaS for its products.
Optional outbound flows (managed analytics, benchmarking) require explicit customer opt-in, are documented in the contract, and produce a customer-visible audit trail.
Data classification¶
NTWIST classifies customer data into four categories. The classification drives encryption, retention, and access requirements.
| Class | Examples | Default treatment |
|---|---|---|
| Public | Marketing collateral, documentation, public-facing product information | Standard web hosting |
| Internal | Architecture diagrams, configuration templates not specific to a customer | NTWIST internal access only |
| Confidential | Customer-specific configurations, deployment plans, operating models | Customer-resident, NTWIST access through zero-trust channel only |
| Restricted | Plant process data, recipes, operator credentials | Customer-resident, encrypted at rest and in transit, access logged |
Encryption¶
- In transit. All NTWIST product communication uses TLS 1.2 or higher. Plant-floor protocols that do not support TLS (legacy OPC DA, Modbus TCP) are isolated to a segmented gateway network on the customer side.
- At rest. Encryption at rest is enforced according to customer policy on customer-managed disks. NTWIST supports and recommends full-disk encryption on every host in the deployment.
- Credentials and secrets. Stored in a hardened secrets store (HashiCorp Vault, Azure Key Vault, AWS Secrets Manager, or equivalent). Plaintext secrets are not stored in code, configuration files, or logs.
Backups¶
Backups are configured per deployment, aligned to the customer's backup strategy. The standard pattern is:
- Daily backup of transactional and configuration data.
- Weekly full backup with daily incrementals for time-series data.
- Backups encrypted in transit and at rest.
- Quarterly restore testing as part of the deployment's DR program.
Retention¶
Default retention is set during deployment and aligned to the customer's data retention policy and regulatory requirements. Common defaults:
- Time-series tag data: 5 to 10 years on tier-one storage, with optional cold-tier archive.
- Transactional event data: 7 years.
- Audit logs: 1 year hot, plus 6 years archive (configurable).
Deletion¶
On contract termination, NTWIST removes its access to the customer environment within five business days. Customer data on customer infrastructure remains with the customer; deletion of data from the customer's own systems is a customer decision.
For data that has been processed by an opt-in NTWIST-hosted analytics or benchmarking service, the customer can request deletion at any time. Deletion is completed within 30 days and confirmed in writing.
Logging and audit¶
- All NTWIST products produce structured application logs and audit logs.
- Audit logs cover authentication events, authorization decisions, configuration changes, and data access events.
- Logs are shipped to a customer-controlled log destination (SIEM, ELK, Splunk, Sentinel) where one exists.
Telemetry¶
The NTWIST Platform emits operational telemetry (service health, resource utilization, error rates) to support our customer success engagement. Telemetry does not include customer process data, recipes, or operating model contents. Telemetry can be disabled in air-gapped deployments.