Evaluating OT security solutions? Check out our buyer's guide.
Get the Guide
Academy
Labs
Careers
Partner Login
Support
search bar

Nozomi Networks Vantage Data Privacy

Effective as of June 1, 2021

1. Summary

Nozomi Networks’ Vantage service is deployed as a SaaS platform that allows Customers to monitor and analyze their globally deployed Guardian sensors using a centralized interface.
Vantage provides a secure environment for the transmission, processing, and storage of the Customer data. The selection of data transmitted to Vantage is determined by the Customer.
Nozomi Networks does not access or manage the Customer data, unless authorized by the Customer.

2. Infrastructure

Customers securely transfer data to the Vantage application in regions which are served out of GDPR compliant AWS data centers.
The EU Vantage Regions are served out of AWS data centers in Europe.
The EU1 Vantage Region is served from Frankfurt, Germany.

3. Data Protection and Security

Nozomi Networks takes security of Customer data very seriously. Nozomi Networks works hard to protect the information provided by the Customer to Vantage from loss, misuse, and unauthorized access or disclosure. The sensitivity of the information transmitted, processed, and stored, and the current state of technology is taken into account.
Nozomi Networks has received internationally recognized security certifications. Details about current practices and policies regarding security and confidentiality of Vantage, are available in Security Practices.

4. Data Storage and Retention

All data in Vantage is encrypted in transit and at rest.
Data is kept for 90 days. Customers may ask to extend the retention upon agreement with Nozomi Networks. Should the Customer decide to leave Vantage, all the related data will be securely destroyed from Nozomi Networks’ systems.

5. Classification of Data

The Customer selected data sets may contain personally identifiable information (PII), which is generally related to IP numbers and MAC addresses of systems connected to the Customer’s network.
Relevant data sets in Vantage with potential presence of PII:

Alerts

  • Alerts are generated from Guardian sensors and relate to some anomalous network activity.
  • Alerts may contain IP addresses of involved entities, which are relative to the Customer’s equipment. If the Customer is monitoring promiscuous networks where personal equipment of Employees is permitted (BYOD), MAC addresses, IPs and DPI-extracted data may contain PII like user ID, email address, etc.

Assets and Nodes

  • The list of Assets reflects the Customer’s equipment. It may contain Assets which are Employee’s PCs and mobile devices, and in case the Customer is monitoring promiscuous networks where private equipment of Employees is permitted (BYOD), IPs and DPI-extracted data may contain PII (MAC addresses, IP numbers and Asset labels).

Captured URLs

  • DNS requests, HTTP URLs etc. are stored in this table.
  • This table may contain information related to PII as it can capture the activity of Employees.
  • The synchronization to Vantage if this table is disabled by default.

Comments

  • Comments within Vantage can contain the username of the Employee.

Imports

  • When importing information from external systems, the Customer can enrich and add custom fields, which may potentially contain PII since the input of such custom fields is not managed by Nozomi Networks.

Links and Sessions

  • Contains relationships between Assets or Assets and external IPs.
  • It may contain a trace of the activity of Employees.

Reports

  • Reports may contain a combination of all the above data, composed into a PDF report.

Variables

  • Variables are transferred and captured into the network, which are part of the Customer’s industrial processes.
  • If the Customer’s industrial processes include any PII, Variables will contain them.

Audit Items

  • An audit item contains the activity of users or systems; therefore, it may contain the username and all general user activity in Vantage, CMC, and Guardians.

User

  • It may contain name and surname of Employees and partners/contractors. The Customer may decide to use a user ID (e.g. Employee ID) instead of the username.

Privacy

Confidentiality of Information Sharing of Information Data Under the TLP Protocol
Nozomi Networks Data Requests
Nozomi Networks Cookie Policy
Nozomi Networks Privacy Policy and Legal Notices

Terms & Conditions

Nozomi Networks Vantage Terms of Use and Service Level Agreement
Nozomi Networks RMA Procedures and Policies
Optimization Agreement
Health Check Agreement
Training Agreement
Nozomi Networks, Inc. Fast Track Service Agreement
Workorder Agreement
Nozomi Networks Professional Services & Terms Conditions
Hardware as a Service (HaaS) Program Guidelines
End User License Agreement (EULA)
Nozomi Networks End of Life Policy
Nozomi Networks DPA Addendum
Nozomi Networks Customer Support Terms and Conditions
Nozomi Networks Vantage Data Privacy

Business Practices

Nozomi Networks Vulnerability Disclosure Policy
Nozomi Networks Code of Ethics and Business Conduct
Nozomi Networks Anti-Bribery & Anti-Corruption Policy
Global Trade Compliance
Sustainability Policy
Equity, Diversity, and Inclusion Policy

Certifications

Nozomi Networks Certifications ISO 27001:2013
Nozomi Networks Certifications ISO 9001:2015
Nozomi Networks Certifications

Subscribe

LinkedIn

Demo

PLATFORM

Platform OverviewVantageCentral Management ConsoleGuardianArcAsset IntelligenceThreat IntelligenceSmart Polling

Professional Services

OverviewDesignDeploymentFast TrackOptimizationProject Management

Solutions: Business needs

Threat Detection & ResponseContinuous Network MonitoringAsset Inventory ManagementRisk & Vulnerability ManagementIoT SecurityData Center Cybersecurity

Solutions: Compliance

NERC CIPNIS2 DirectiveTSA Security Directives

Solutions: Industry

AirportsElectric UtilitiesHealthcareFederal GovernmentManufacturingMaritimeMiningOil & GasPharmaceuticalRailRetailSmart CitiesWater & Wastewater

Learn

PartnersResourcesCompanyContact UsAcademyCareersLabsLegal
© 2023 Nozomi Networks Inc. All Rights Reserved. Privacy Policy and Certifications. System Status.