Nozomi Networks Vantage Data Privacy
Vantage Data Privacy
Effective as of June 1, 2021
Nozomi Networks’ Vantage service is deployed as a SaaS platform that allows Customers to monitor and analyze their globally deployed Guardian sensors using a centralized interface.
Vantage provides a secure environment for the transmission, processing, and storage of the Customer data. The selection of data transmitted to Vantage is determined by the Customer.
Nozomi Networks does not access or manage the Customer data, unless authorized by the Customer.
Customers securely transfer data to the Vantage application in regions which are served out of GDPR compliant AWS data centers.
The EU Vantage Regions are served out of AWS data centers in Europe.
The EU1 Vantage Region is served from Frankfurt, Germany.
3. Data Protection and Security
Nozomi Networks takes security of Customer data very seriously. Nozomi Networks works hard to protect the information provided by the Customer to Vantage from loss, misuse, and unauthorized access or disclosure. The sensitivity of the information transmitted, processed, and stored, and the current state of technology is taken into account.
Nozomi Networks has received internationally recognized security certifications. Details about current practices and policies regarding security and confidentiality of Vantage, are available in Security Practices.
4. Data Storage and Retention
All data in Vantage is encrypted in transit and at rest.
Data is kept for 90 days. Customers may ask to extend the retention upon agreement with Nozomi Networks. Should the Customer decide to leave Vantage, all the related data will be securely destroyed from Nozomi Networks’ systems.
5. Classification of Data
The Customer selected data sets may contain personally identifiable information (PII), which is generally related to IP numbers and MAC addresses of systems connected to the Customer’s network.
Relevant data sets in Vantage with potential presence of PII:
- Alerts are generated from Guardian sensors and relate to some anomalous network activity.
- Alerts may contain IP addresses of involved entities, which are relative to the Customer’s equipment. If the Customer is monitoring promiscuous networks where personal equipment of Employees is permitted (BYOD), MAC addresses, IPs and DPI-extracted data may contain PII like user ID, email address, etc.
Assets and Nodes
- The list of Assets reflects the Customer’s equipment. It may contain Assets which are Employee’s PCs and mobile devices, and in case the Customer is monitoring promiscuous networks where private equipment of Employees is permitted (BYOD), IPs and DPI-extracted data may contain PII (MAC addresses, IP numbers and Asset labels).
- DNS requests, HTTP URLs etc. are stored in this table.
- This table may contain information related to PII as it can capture the activity of Employees.
- The synchronization to Vantage if this table is disabled by default.
- Comments within Vantage can contain the username of the Employee.
- When importing information from external systems, the Customer can enrich and add custom fields, which may potentially contain PII since the input of such custom fields is not managed by Nozomi Networks.
Links and Sessions
- Contains relationships between Assets or Assets and external IPs.
- It may contain a trace of the activity of Employees.
- Reports may contain a combination of all the above data, composed into a PDF report.
- Variables are transferred and captured into the network, which are part of the Customer’s industrial processes.
- If the Customer’s industrial processes include any PII, Variables will contain them.
- An audit item contains the activity of users or systems; therefore, it may contain the username and all general user activity in Vantage, CMC, and Guardians.
- It may contain name and surname of Employees and partners/contractors. The Customer may decide to use a user ID (e.g. Employee ID) instead of the username.