What are you looking for ?
Search

Technical measures to secure Nextlane France ISs

SERVICES NEXTLANE

Access to Nextlane France premises and the Datacenter

  • Physical access control system: Internal: badge, reinforced access for certain sensitive areas (closed server rooms, etc…), video surveillance cameras, alarms, etc…
  • Datacenter under the responsibility of the host: secure access in accordance with the iso27001 standard.

External access to the Nextlane France network

  • Firewall protection
  • Segmentation of the VLAN network
  • WIFI encryption and password-controlled access
  • Port filtering of VPNs from external partners
  • Nominative access controls to URLs
  • IPS > tool integrated into the firewall – Currently being implemented
  • Blocking of ports
  • Backup of network logs
  • Protection of data exchanges via secure data flows (TLS/SSL, https, sftp…). In the process of being implemented

I.S. access rights management

  • Procedure for managing access rights and deactivating accounts
  • Password change policy
  • Password policy (complexity, regular changes…)
  • User awareness raising
  • “Administrator” profiles (strong rights) separated from “User” profiles (office tools)
  • “Administrator” accesses managed individually

Availability of services

  • High availability for hosted offers: Automatic provision of a new host within 15 minutes in case of failure.
  • Redundancy of equipment
  • CENTREON supervision console
  • Business Continuity Plan > In the process of implementation
  • Dual data centre (active/passive) > Under implementation

Malware protection

  • Publisher monitoring policy (system + middleware)
  • Patching policy
  • Anti-malware (and anti-virus)
  • Url and port filtering
  • SMTP gateways
  • Backups and restorations
  • Raising user awareness (charter of good practices)
  • Punctual inventory to detect potential non-conformities and vulnerabilities

Loss or theft of equipment

  • Authentication procedure
  • Encryption of workstations
  • Remote deletion of discs and mobiles
  • Centralized configuration management

Backup policy for physical equipment, software components or data

  • Regular backups adapted to the life cycle of the object concerned
  • Backup of configurations and Maintenance in Operational Conditions (MCO) procedures Being implemented

Exchange of data

  • Policy on data output rights and duties (Charter of Good Practice)
  • Encryption, anonymization and pseudonymization > In the process of implementation
  • Contractual framework with the partner (NDA – confidentiality clause, data deletion clause…)
  • Limitation of internet access

Application of security update

  • Patch management policy
  • Standardization and obsolescence management project
  • Automation of equipment patching with the supplier
  • Raising the awareness of the technical teams
  • Internal control systems (ad hoc control within the entity’s internal control framework)

Management of a subcontractor / supplier (IoT)

  • Incorporation of contractual termination clauses in the event of negligence
  • Regular operational review with the subcontractor
  • Incident management and notification to the supervisory authority and/or to the persons concerned
  • NDA
  • SLA
  • Reporting
  • Precautionary checks on the financial health of the subcontractor. Partner VPN access control