Security
This page outlines Nexkora's current security posture in clear, factual terms and explains how deployment model affects customer data handling and infrastructure control.
Security Approach
Nexkora considers security as part of product and deployment design. Our approach focuses on practical safeguards such as controlled access, least-privilege thinking, logging, configuration discipline, and deployment models that fit customer operational requirements.
Deployment Model
Nexkora supports deployment approaches that may include customer-hosted, on-premise, or other controlled environments depending on the use case and commercial arrangement. This allows customers to align platform deployment with their own operational, network, and security constraints.
Customer-Controlled Infrastructure Options
Where customer-controlled deployment models are used, operational data can remain within infrastructure selected and managed by the customer. This can reduce external exposure and support internal governance requirements, while still enabling Nexkora platform functionality appropriate to the chosen architecture.
Access Controls
Access to Nexkora environments and services should be limited to authorized users with role-appropriate permissions. Customers are responsible for internal user management, approval processes, and adherence to their own OT and IT security policies.
Data Handling
Nexkora is designed to handle operational and alarm-related data in support of service delivery. Depending on deployment model, data handling may include routing, logging, auditability, and support diagnostics. We aim to limit unnecessary exposure and support customer control over sensitive operational environments where applicable.
Shared Responsibility
Security in operational environments is a shared responsibility. Nexkora customers should continue to apply network segmentation, endpoint controls, account governance, monitoring, and any site-specific OT and IT safeguards required by their internal policies and regulatory obligations.
Responsible Disclosure
If you believe you have identified a potential security issue involving Nexkora, please report it responsibly and provide enough detail for review. Please do not attempt destructive testing, data access, service interruption, or other activity that could impact customers or systems.
Security Contact
Security reports and questions can be sent to contact@nexkora.io. Please include relevant details, affected pages or components, and any steps needed to reproduce the concern.
Updates
This page may be updated as Nexkora's deployment options, operational practices, or product controls evolve. The latest version will be published here with an updated date.