Nextworld recognizes that choosing a cloud-based solution can be a difficult task. One of the ways we make it easier for you is by implementing controls based on industry standards and ensuring we meet regulatory requirements. Nextworld is using the National Institute of Standards and Technology (NIST) Cybersecurity Framework and associated standards as a basis for our internal compliance program and then evaluating that program against the Trust Service Criteria with the Service Organization Controls (SOC) 2 examinations. Our approach to compliance is to provide transparency into how we are ensuring the confidentiality, integrity, and availability of your information and assisting you in meeting your compliance objectives.
We have certified our internal controls with the Service Organization Controls (SOC) reports in order to provide further confidence in the Nextworld services. In 2020, a third-party auditor completed the examination of Nextworld controls and issued the SOC 1 Report and SOC 2 Report relevant to Security, Availability, and Confidentiality for the Nextbot Platform and Nextworld Application Modules. Each year, the third-party auditor conducts another examination and reissues the subsequent reports. If you have questions concerning our SOC reports, please contact you service provider or the Nextworld Compliance Team at [email protected]
In addition to certifications and standards, Nextworld is responsible for ensuring we are compliant with local, federal, and international laws, regulations, and statutes of the jurisdictions that we and our customers operate in. Nextworld continuously monitors global legal actions to identify and address regulatory requirements that impact our services to you.
Nextworld’s security model allows you to adhere to the principle of least privilege, and limit who has access to personal and sensitive data. In addition to restricting access to applications, you can provide access to applications while restricting access to specific data in the application and restricting actions the user can take on the data.
Nextworld also provides you with data inventory capabilities that assist you in complying with regulatory requirements to maintain records of processing activities, conduct risk assessments, and fulfill data subject requests. With the Data Privacy Inventory application, you can classify data inside of Nextworld, define owners, and document data processing activities.
Compliance and Security Officer, CISSP, CCSP
Micah has been in the enterprise software industry for over 20 years. He has served in various roles over the years including software engineer, product manager, program manager, solution architect, and implementation specialist. He is also a 14-year veteran of the U.S. Army, where he served as an officer in military operations and intelligence. Micah has a passion for helping people and tackling complex problems with simple and innovative solutions.