Security & deployment

The boring parts. Documented.

Security, access, data, deployment, and audit requirements are reviewed with IT before rollout. This page describes platform capabilities and review areas; it does not claim certifications or legal compliance for any customer environment.

Deployment

Deployment options. Responsibilities documented.

Cloud

The default. Managed by NexliOne.

  • Managed operating model
  • NexliOne-led platform maintenance
  • Residency requirements reviewed before rollout
  • Backup and support terms documented
  • Good fit for standard deployments
Best for Most companies, most of the time.

Self-host

Your environment. Clear responsibilities.

  • Run inside a customer-controlled environment
  • You control the upgrade cadence
  • Use approved storage and key-management controls
  • Telemetry and support access reviewed up front
  • Engineering support via your account team
Best for Regulated industries, sovereign-data jurisdictions, or strict procurement constraints.

Air-gapped

For restricted-network requirements.

  • Scoped for qualified restricted environments
  • Manual update process reviewed with IT
  • External dependency assumptions documented
  • Support boundaries defined before production
  • Availability depends on contract scope
Best for Highly restricted environments that require explicit network and support boundaries.

Capabilities

What IT should review.

Architecture

NexliOne is designed around explicit identity, authorization, logging, and deployment boundaries. The specific control set for a customer environment is reviewed during implementation planning and documented in the applicable agreement or security materials.

  • Identity-aware access to modules and administrative functions
  • Authorization checks aligned to user roles and responsibilities
  • Operational logging for security and support review
  • Deployment responsibilities documented before production

Encryption controls

NexliOne is designed to use encryption for data at rest and in transit. Exact encryption settings, key-management options, and customer responsibilities are confirmed during IT due diligence for the selected deployment model.

  • Encryption for data in transit
  • Encryption for stored application data where supported by the deployment model
  • Key-management responsibilities reviewed with IT
  • Additional protection options for sensitive fields where required

Identity and access

Single sign-on, multi-factor authentication, and user lifecycle requirements are reviewed as part of rollout planning. Supported identity patterns are confirmed against the customer environment before production.

  • SSO planning with the customer identity provider
  • MFA requirements documented before rollout
  • User and role provisioning approach agreed with IT
  • Administrator access controls reviewed before production

Role- & attribute-based access

Permissions can be scoped by module, role, record, and operational responsibility. Separation-of-duties requirements should be captured during implementation so finance, operations, and IT agree on who can see, approve, and change sensitive records.

  • Module-level role design
  • Record and field access requirements where needed
  • Separation-of-duties review for approval workflows
  • Delegated administration options by role or business area

Audit trails

Administrative actions, workflow changes, approvals, and selected data changes can be logged so finance and IT have evidence for review. Export format, retention, and monitoring expectations are confirmed during rollout planning.

  • Actor, action, target, and timestamp capture for scoped events
  • Workflow and approval history where configured
  • Audit export requirements reviewed with IT
  • Retention expectations documented by deployment model

Controlled deployment options

NexliOne supports controlled rollout planning for customers with security, procurement, residency, or network requirements. Responsibilities are documented before production so your team knows what it owns and what NexliOne owns.

  • Managed and customer-controlled operating models can be reviewed
  • Restricted-network requirements can be scoped where needed
  • Update responsibilities documented before production
  • Telemetry and support-access expectations reviewed with IT

Data residency

Data location, transfer, retention, and backup requirements are reviewed before production. The final residency model depends on the selected deployment option, customer requirements, and applicable contract terms.

  • Residency requirements captured during IT review
  • Customer-controlled environment option can be scoped where appropriate
  • Data transfer expectations documented before rollout
  • Backup and retention responsibilities reviewed with IT

Compliance posture

NexliOne can support compliance-oriented workflows, but the website does not claim certifications or legal compliance for a customer environment. Any regulatory, privacy, security, or audit obligation should be reviewed with qualified advisors and documented in the customer agreement.

  • Security questionnaire support during buyer review
  • Data-processing terms reviewed during contracting
  • Audit evidence and workflow exports where configured
  • Regulatory requirements scoped by industry and deployment

Backup & disaster recovery

Backup, retention, restore testing, and disaster-recovery expectations are defined by deployment model. Recovery objectives should be documented before production and reviewed against the customer's operational risk profile.

  • Backup frequency and retention reviewed before rollout
  • Restore testing expectations documented with IT
  • Recovery objectives scoped by deployment model
  • Self-host responsibilities defined with the customer team

Talk to us

See what NexliOne would cost for your business.

Tell us what you run today, which processes hurt most, and what you are paying now. We will map the right modules and give you a realistic next step.

  • Scoped demo and rollout review
  • Standard implementation scoped in
  • Finance and operations modules