Security is our product — and our practice.
We hold ourselves to the standards we help you meet. Here's how Nitiqo protects your data, your tenants, and your evidence.
Data protection
Encryption in transit (TLS 1.2+) and at rest (AES-256). Secrets held in a managed vault; least-privilege access throughout.
Tenant isolation
Strict multi-tenant separation enforced at the data layer with row-level security, so one customer can never see another's data.
Identity & access
SSO via OIDC and SAML, SCIM provisioning, enforced MFA, and fine-grained role-based access control with full audit logging.
Data residency & sovereignty
Choose where your data lives. Cloud, on-prem, or air-gapped deployment for sovereign and defence-grade requirements.
Secure SDLC
Code review, dependency and secret scanning, and least-privilege CI/CD. Changes are tested and traceable end to end.
Monitoring & response
Continuous logging and monitoring with a defined incident-response process and customer notification commitments.
We run Nitiqo on Nitiqo
Our own program is built on the same continuous-compliance engine we ship to you — mapped to leading frameworks and monitored in real time.
- ISO 27001 aligned
- SOC 2 aligned
- GDPR & DPDP ready
- NIST CSF 2.0 mapped
- Documented sub-processors
- Vendor due diligence
Found something? Tell us.
We welcome reports from security researchers. If you believe you've found a vulnerability, email us and we'll acknowledge promptly and work with you on a fix. Please give us reasonable time to remediate before any public disclosure.
security@nitiqo.comWant our security package?
Request our security overview, sub-processor list, and architecture details under NDA.