NewiredNewiredNewired

Trust Center

Newired's Security and Privacy

Security and Privacy are built into Newired’s core principles. Newired empowers users to decide whether to collect data, giving them control over analytics.

Newired maintains rigorous privacy and security standards, ensuring compliance with global regulations to earn and keep the trust of its customers worldwide.

Our Security

At Newired, safeguarding our customers’ information is our top priority. We firmly believe that ensuring robust privacy depends on implementing robust security measures

We engage extensive measures to protect your data, tailored to the specific characteristics of the personal information and the potential threats it may face. Our ongoing commitment is to continuously enhance this shelter in order to maintain the security of our customers’ personal data.

  • Confidentiality
  • Integrity
  • Availability

Confidentiality is a core pillar of Newired's security approach. We protect it through data encryption, strict access controls, data minimization, secure infrastructure, employee training, NDAs, regulatory compliance, third-party scrutiny, and incident response plans.

We maintain data integrity through various mechanisms and practices such as: encryption, access controls, monitoring, redundancy, change management, data validation, and compliance with industry standards and regulations. 

Availability is a crucial aspect of security at Newired, as it ensures that our services and systems are accessible and operational when needed. The key elements of Newired's availability-focused security strategy include redundancy, load balancing, backup and disaster recovery, continuous monitoring, scalability, and incident response.

Your Privacy

What sets us apart is our unique offering:

Newired is the only Digital Adoption Solution that empowers you with the authority to choose whether data is collected or not, what type of data is collected (anonymous or private), and where the data is stored.

Trust Center

Compliance

Does your organization comply with the General Data Protection Regulation (GDPR)?Yes

Is your organization SOC 2 Type II compliant?

On Roadmap for 2024

Is your organization ISO27001 compliant?
Yes

Product Security

Does your product offer self-serve user management for adding, removing, and managing existing users?
Yes

Can users sign in to your product using security assertion markup language (SAML) single sign-on (SSO)?
Yes

Can users sign in to your product using single sign-on (SSO)?

Yes

Can authentication of system users be done using Kerberos or mTLS?

Content creators can be authorized using OAuth2/OpenID Connect standards, including Kerberos, to capture and record content.

When integrating with a business application, the user identity passed to Newired can be obtained from the application. We offer an API and customization support to facilitate this type of integration.

Is an AD or LDAP connection for user rights supported?

Content creators can be authorized using OAuth2/OpenID Connect standards, including AD, to capture and record content.

LDAP in roadmap for 2024.

If traffic between your backend and frontend/client components must be encrypted.

Our solution satisfies this requirement by utilizing the HTTPS protocol to encrypt all traffic between the backend and frontend/client components. This encryption ensures that all communication is secure, and any content transferred between the backend and frontend/client components is fully encrypted. If the underlying application and server providing content are also using HTTPS, this further strengthens the security of the traffic.

Data Security

.Does your organization encrypt data in transit?

In our organization, internal communication adheres to a standard procedure without encryption. On the other hand, external communication is encrypted to safeguard data when transmitted outside our network.

Privacy

Does your organization have a privacy policy?
Yes

Does your organization have a data retention policy defining where and for how long data is stored or archived?
Yes

Does your organization have a data processing addendum or agreement outlining its terms for the processing of personal data?
Yes

Does your organization have a procedure that enables individuals to request to have their personal data erased from its data storage systems?
Yes
Please write to security@newired.com

Does your organization have a dedicated data protection officer (DPO) who ensures compliance with privacy laws and regulations on personal data?
Yes
Please write to security@newired.com

Which data does Newired collect from final users?

APPLICATION PRIVACY POLICY – Newired Digital Adoption Solution

Can Newired take control of the underlying application?

No, Newired does not have the capability to take control of the underlying application. Newired’s platform is designed to provide interactive guidance and user support within existing applications, enhancing the user experience and facilitating user onboarding. It does not possess any invasive control over the underlying applications themselves. Instead, Newired operates as an overlay, offering guidance and support features that help users navigate and utilize the application more efficiently. Its purpose is to assist users in understanding and maximizing the functionality of the application without interfering with its core operations or functionalities. This approach ensures that the integrity and security of the underlying applications remain intact while providing users with an improved and intuitive user experience.

Cloud hosting setup

Our cloud setup at Newired is fortified with enterprise-level security and single tenancy, ensuring the utmost protection and confidentiality of sensitive data. We monitor our systems in real time, perform regular manual maintenance, including software updates, and have a dedicated server and network administrator overseeing these tasks. This comprehensive approach guarantees that our clients’ data is safeguarded, allowing them to focus on their core business activities with peace of mind. Our commitment to providing a secure and reliable cloud environment reflects our dedication to maintaining the highest standards of data protection and service excellence.

When the contract expires, can I get my data/content/etc. back to be reused somewhere else?

Absolutely, at Newired, we understand the importance of data ownership and portability. When your contract with us expires, you retain full ownership of all your data and content. We do not claim any ownership rights over the data or content you have created or uploaded onto our platform. As part of our commitment to transparency and customer satisfaction, we ensure that you can easily download and export all your data and content from our platform, enabling you to reuse it or migrate it to another platform of your choice. This process empowers you with the freedom to manage your data according to your specific needs and preferences.

Incident Management and Response

Does your organization have a data breach notification policy that outlines how users will be notified of an unauthorized disclosure of their data?
Yes

Does your organization have an incident response plan to help employees detect, respond to, and recover from network security incidents in areas like cybercrime, data loss, and service outages?

Guidelines for managing operations and responding to incidents necessitate the logging and examination of incidents, followed by appropriate actions, such as implementing system changes if required.

A documented formal plan for incident response and a standardized form for reporting incidents are in place to instruct employees on the procedures for reporting security breaches and incidents. The incident response plan ensures a structured approach to resolving and escalating reported events. It also incorporates protocols for notifying both internal and external users of incidents, advising them on necessary corrective measures, and mandating a “postmortem” review.

Availability and Reliability

Does your organization use service monitoring tools to evaluate the health of its servers?

Newired utilizes tools to measure processing queues, ensuring the timely processing of incoming data and real-time monitoring of results. It identifies any lost data during processing, automatically creating alerts for the Engineering team. The Engineering team promptly addresses these alerts. When processing errors occur within Newired’s application, the company follows the change management process, initiating a change ticket to investigate and resolve the error.

 

Certifications and attestations

Newired is ISO 27001 certified, and our hosted customers benefit from SOC 2/SOC 3 compliant hosting providers.

You can download our ISO 27001 certificate.

ISO/IEC 27001

Information Security Management
System (ISMS)

Ready to discover how Newired DAP can drive digital transformation, provide data flexibility, and ensure security in your enterprise?