Compliance and certification

Hero de Haan

Hero de Haan

Sales & Business Development Manager

We zorgen voor uw cloud transformatie op een manier die betrouwbaar en secure is.

De transformatie van omgevingen en services naar de cloud heft grote voordelen, maar brengt ook een aantal uitdagingen met zich mee die goed geadresseerd dienen te worden.

Of u nu een IaaS of PaaS gebruikt voor uw eigen native cloud applicaties of u bestaande systemen wilt migreren, of de voordelen van SaaS wilt plukken, onze cybersecurityspecialisten kunnen ervoor zorgen dat uw nieuwe omgeving op een goede manier wordt opgezet.

Met de hulp van onze cloud security experts kunt u ervan verzekerd zijn dat wat u ook in de cloud maakt of gebruikt op een veilige manier tot stand komt en dat de risico’s tot een acceptabel niveau zijn teruggebracht.


Privacy Consulting

The Personal Data Act and EU’s forthcoming General Data Protection Regulation (GDPR) define that organizations have an obligation to protect personal information against unauthorized use.
With Nixu's privacy services, you can ensure that personal information is handled according to laws and regulations, while minimizing information-related risks. Nixu can also help you to prepare a privacy policy as well as descriptions of file.  


PCI Onsite Assessment

PCI Onsite assessment is the assessment service for all parties that store, process or transmit cardholder data. We have experience in assessing different organization types such as large retail chains, small cafés, global service providers, payment gateways, airlines and banks. We don’t only assess, but help the customer in achieving and maintaining compliance as well.

The service is designed to be effective and cause minimal disruptions to the organization’s day-to-day operations. The assessment is divided into phases: Scoping, Documentation Review, Technical Tests and Site Visits, Interview and Observation sessions, Reporting and Closeout meeting. Each phase is carefully designed to guarantee a successful assessment with minimal disruptions.

User Data Protection, Privacy and GDPR

We help you to protect your data; in use, in transit or at rest. Whether you gather data directly from the end-users (given data) or indirectly by using profiling tools, sensors and devices (collected data) you must do it in a transparent and privacy ensuring way. When analyzing the collected data, whether on-premise or in cloud, you need to ensure only correct parties have access to it and the results. With the help of our experts in privacy jurisdiction, identity and access management and cloud security, you can be assured that the privacy requirements are taken into account.

Privacy by Design

Our Privacy by Design service aims at introducing privacy-related actions and controls as part of your product development and maintenance process. Our goal is to make your teams self-sufficient, by transferring skills and methods such as privacy impact assessments, and creating privacy requirements for your development teams. Additionally, we will support your legal with contractual reviews and work with your business to help you differentiate on your market via privacy. To ensure success, our tech-savvy privacy lawyers and security experts will be part of your team or advise you as needed.

Collaborator security audit

The Collaborator Security Audit Service provides customers possibility to verify that security status of their partners and collaborators does not create unacceptable risks, the contractual requirements for security are followed and that the processes and security governance of collaborators is sound and according to industry best practices. Nixu auditor will identify business critical assets, which are exposed to collaborators, and either verifies that contractually agreed security controls are protecting these assets or that the assets are protected based on industry best practices.

PCI PA-DSS Services

PA-DSS services are intended for all vendors that develop payment applications. We can help in preparing for the validation, in remediating the non-conformities and in performing the actual validation. The PA-DSS validation service results in a validated payment application that is listed on PCI Security Standards Council’s web page. In addition, we provide a PA-DSS Preparation service that includes training, gap-analysis and a roadmap for achieving the validation. We also provide ongoing support as part of the Nixu Catalyst compliance management and support service.

PCI Preparation

PCI Preparation service is the initial step to PCI compliance. We train customer’s key personnel to understand PCI and its requirements. We focus on minimizing the customer’s PCI environment so that compliance can be achieved more cost effectively. The most important outcome of the service is a roadmap that contains clear tasks to be performed in order to become compliant. For each task, a cost estimate is provided and responsibilities defined. The roadmap can be further refined to become a project plan.

The next step after the PCI Preparation phase is usually remediation phase. We support this phase, and help ensure that compliance can be maintained also after the assessment.

  • White paper: GDPR and reporting obligation in data security breach
  • Hero de Haan

    Hero de Haan

    Sales & Business Development Manager

Related blogs