Your security is our security

You are entrusting us with your users, and we are committed to keeping their information safe, aiming to be the best in class for this task.. We use Nblocks ourselves and treat security as an integrated part of our product development process. This ensures that the highest security standards are always built into everything we create. We are ISO27001 certified, GDPR compliant, and undergo weekly pen tests. Every one of these efforts is a symbol of our ongoing commitment to data security and privacy protection.

Data protection

Highest standards of protection

At NBlocks, we prioritize the security of your data in every aspect. This includes encryption for all data 'at rest'—encompassing our file stores, document stores, and databases.

Additionally, when data is 'in transit', it is protected with TLS 1.3 encryption. This is similar to the HTTPS protocol you commonly see in your web browser, which uses TLS as its foundational encryption layer.

Moreover, we regularly back up all data to ensure its safety and have established thorough restoration protocols. This approach ensures that your data is not only secure but also reliably recoverable.

Server Security

At NBlocks, we're dedicated to providing flexible and secure hosting solutions. Our primary datacenter is hosted in AWS Ireland, with the option to select other AWS locations globally. Similarly, for Azure datacenters, we offer a variety of location options.

NBlocks operates within a Virtual Private Cloud (VPC) in Amazon Web Services (AWS), renowned for their rigorous adherence to the highest standards of both physical and digital data protection.

Furthermore, all datacenters we partner with are equipped with top-tier security certifications such as ISO 27001 and SOC2, guaranteeing the utmost protection for your data."

GDPR compliant

Compliant by design

We are fully committed to GDPR compliance as part of our unwavering dedication to safeguarding your personal data. All our AWS resources are collected in a Virtual Private Cloud (VPC) in an AWS data center within the EU (Ireland).

Transparency, data minimization, consent, robust security measures, a dedicated Data Protection Officer, and a commitment to swift data breach response are pillars of our approach. We respect the rights under GDPR, which include the right to access, correct, delete, or transfer your data, as well as the right to withdraw consent.

ISO 27001 certificated

Systemized information security

Nblocks is certified according to the internationally recognized standard ISO/IEC 27001:2013 which provides a framework for information security management.

By undergoing the certification process, we implemented an information security management system further ensuring nblocks follows industry best practices when it comes to managing the security and confidentiality of our information and data.

Minimum effort, maximum security

Security - a key in our dev process

We work with code reviews, automated tests, and vulnerability scans. The software includes automated tests that test known ways of penetrating the software and trying to access resources that should not be granted. Every code change is reviewed from a security perspective and only the CTO can approve a code change for a production release.

Pro-active & frequent pen testing

We use an independent third party that continuously monitors our applications for known weaknesses and vulnerabilities. We also use AWS Trusted Advisor to scan and keep the infrastructure protection up to date.

Always up-to-date with latest patches and updates

Nblocks reviews its frameworks and updates on a recurring basis with a monthly security review. Vital patches and upgrades are prioritized in our 2-week sprint schedule, and our team can initiate an escalated update of the system if a critical update is released from any framework used.