Data shared during the eDiscovery process is highly sensitive and confidential.

At eDiscovery Collab security is incredibly seriously, and we only work with platforms that employ second-to-none security practices.

Nuix Discover has an uncompromising commitment to upholding the security of data. In addition to strong encryption and safeguards at every level, Nuix complies with internationally recognised information security standards including physical, administrative and technical controls. They engage highly trained security professionals and employs a 24-hour security operations centre.

Nuix approaches data security from five angles;

  • Software development lifecycle: Their software development lifecycle includes formal design reviews, peer review, static and dynamic code analysis and external third-party application security tests.
  • Data encryption at rest and in transit: Nuix encrypts client data at rest using AES 256 encryption and in transit using SSL certificates.
  • 24-hour monitoring: Nuix utilises security information and event management technology and monitors activity across all its systems from a 24/7 security operations centre.
  • Security team: Nuix employs specially trained professionals who have worked for military, law enforcement and intelligence agencies and security software and consulting firms. Their skills include intrusion detection, vulnerability management, malware reverse engineering, penetration testing, cryptography, application development and security as well as digital forensics and incident response.
  • Administering safeguards: All Nuix personnel undergo police background checks in the jurisdictions where they work. Their employees are contractually required to store, process and transmit all client information in the strictest of confidence. 

In addition to this multifaceted approach to security, all Nuix environments are protected by:

  • Next-generation antivirus software, network intrusion prevention systems and host-based intrusion prevention systems.
  • Firewalls throughout the software environment using granular access control lists.
  • Network-based data loss prevention systems.
  • Regular scans for known vulnerabilities, misconfigurations, missing patches and insecure services.
  • Regular patches to systems and applications.

Nuix has received security certifications from:

  • the Australian Cyber Security Centre’s Information Security Registered Assessors Program (IRAP), and
  • the Australian Prudential Regulation Authority CPS 234 regulation for Australian financial institutions and their suppliers.

Nuix is also compliant with ISO 27001, 27017 and 27018 information security standards and is a member of the Cloud Security Alliance.