Data Privacy and Security
Our customers’ continued trust is at the core of every decision at Nektar. We’re committed to investing in the highest market standards to maintain privacy, security controls, and compliance regulations.
Certifications and attestations
Data protection
Data retention
All customer data is purged from Nektar systems subsequent to contract termination.
Data encryption
Nektar encrypts all data at rest and in transit using robust and secure encryption algorithms. All connections to Nektar are encrypted using SSL.
Permissions and access controls
Data access and authorizations are provided based on the principle of least privilege.
Reliability
Data backup
All original and critical data gets backed up periodically. Backups get restored and tested frequently.
Data center
Nektar hosts all its software and customer data in Amazon Web Services (AWS) facilities. Amazon provides an extensive list of compliance and regulatory assurances, including SOC 13, and ISO 27001.
Incident handling
Nektar maintains a formal 6-step incident response plan to investigate, contain the exploitation, remediate the vulnerability, and write post-mortem documents that contain lessons learned to ensure consistency and ongoing improvements to our response process.
Third-party audits
Nektar undergoes independent third-party assessments to test security controls. Executive summary reports are available upon request, under NDA.
Background checks and security training
Every new joiner undergoes thorough background checks through an external agency. Every employee is mandated to undergo continuous security awareness and handling training multiple times a year.
Security
Third-party Penetration Testing
Nektar partners with a reputable external entity that performs penetration testing annually. Executive summary reports are available upon request and under NDA.
OAUTH 2.0
Nektar uses OAUTH 2.0 for authorization with Salesforce, Google Suite, Microsoft Office, and calendar platforms. With every connection, Nektar only requests authorization using vendor-specific SSO APIs.
Single Sign-on
Nektar supports SSO via Salesforce. User authentication can take place without the need to manage yet another account/password combination.
