Security Solutions

Data and Security Measures

The privacy and security of your data is our top priority. We have put in place a variety of measures to ensure that your data is protected, secure and preserves your privacy.

As a first step, Needl has chosen to be an ad-free business model.

We have built Needl to scale with the exponential growth in volume and demand for data, and to meet the growing need, complexity, and importance of data security.

We continue to pursue and update security certifications that matter to our users’ data security and privacy. Currently, we are ISO 27001 and SOC 2 Type 1 certified. Needl also maintains all AWS compliance obligations.

A snapshot of the security features Needl offers:

You own your data, we don't

Our revenue is through subscription fees and not through ad sales on your data.

We don't see, touch, or hold your data

Your data is safely hosted in a securely configured AWS cloud infrastructure.

Only you can view or share your data

We are ISO/IEC 27001: 2013 certified, which ensures the protection of information security.

You can delete your account at any time. We do not retain any of your data.

We are SOC 2 Type 1 certified, which ensures privacy and processing integrity of data.

Secure 3rd Party Authentication

Needl uses OAuth 2.0 protocol (token-based authentication) to connect to third-party data providers such as Google Drive, Evernote, OneNote, OneDrive, Twitter, Gmail and many others. We will never ask for your credentials to these services and will securely store the authentication token that is generated by the service when you authorize our access.

Enterprise-Grade Data Protection

  • All our datacentres (Amazon AWS) are PCI, SOC, FINRA, and ISO27001 compliant.
  • Your data is transferred with high-grade TLS and multi-layered encryption at rest with AES-128.
  • Our cloud infrastructure and APIs undergo independent, periodic penetration testing, security scans, threat
    detection, and grey-box assessment by third party security professionals.

So, go ahead and try Needl without worrying about your data!

Security and Privacy Architecture of Needl

Certifications

ISO/IEC 27001: 2013 certification

Needl is ISO/IEC 27001: 2013 certified. This essentially means that the Information Security Management System (ISMS) of Needl addresses and covers the protection of all data and its related information security aspects.

SOC 2, Type 1 certification

SOC stands for System and Organizational Controls. This certification provides customers the assurance that Needl’s system requirements and service commitments are achieved based on the trust service criteria relevant to Security, Availability, Confidentiality, Privacy and Processing Integrity, outlined in TSP section 100, 2017 Trust Service Criteria for Security, Availability, Confidentiality, Privacy and Processing Integrity (AICPA, Trust Service Criteria).

Cloud Security

Needl’s security program is enhanced with additional operational and security controls by using established public cloud hosting providers.

Product Security

Needl follows industry-wide best practices to write code and develop their software application ensuring excellent code quality. Regular testing of the application is also carried out to screen for software vulnerabilities.

Corporate Security

All applications, systems and networks, primary and ancillary, are configured and monitored using best security practices. These security practices are an integral part of Needl and are communicated and followed throughout the organization.

Physical Security

Needl monitors its corporate facilities and ensures that the physical offices and Needl’s infrastructure and hardware are protected.

Infrastructure

Physical Access Control and Logical Access Control

Needl’s infrastructure is designed to have physical access and logical access controls. Needl uses AWS, which is a sub-service organization to manage the physical access to its resources. Logical access control is managed by Needl themselves.

Needl has implemented three layers of architecture while configuring and aligning their physical infrastructure with AWS: (a) Public Network Layer; (b) Application Layer and (c) Data Layer. Each of these layers is designed in a way that safeguards data security and data privacy.

Authentication and Access Control

Signed URLs

When a user clicks on specific documents or images to view the data, Needl returns signed URLs to them after first verifying that the user has access to the content. Each signed URL is valid only for a limited duration. Needl receives this URL in their data store and verifies that the URL is from a legitimate user and is tamper free.
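How a time-limited, tamper-evident URL can be issued and checked, as an added example that is not Needl's code. The HMAC-SHA256 scheme, the key and the query parameter names (`user`, `expires`, `sig`) are assumptions made for illustration; the page does not say which signing mechanism Needl uses.

```python
from __future__ import annotations

import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlsplit

# Hypothetical server-side secret (constructed); a real one lives in a secrets manager.
SIGNING_KEY = b"constructed-demo-key-not-a-real-secret"


def _mac(path: str, user: str, expires: int) -> str:
    # Bind the signature to the resource, the user and the expiry time,
    # so changing any one of them invalidates the URL.
    msg = f"{path}\n{user}\n{expires}".encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()


def sign_url(path: str, user: str, ttl: int = 300, now: float | None = None) -> str:
    """Issue a signed URL; call only after the access check has passed."""
    expires = int(now if now is not None else time.time()) + ttl
    query = urlencode({"user": user, "expires": expires,
                       "sig": _mac(path, user, expires)})
    return f"{path}?{query}"


def verify_url(url: str, now: float | None = None) -> tuple[bool, str]:
    """Return (ok, reason); reject malformed, tampered or expired URLs."""
    parts = urlsplit(url)
    q = parse_qs(parts.query)
    try:
        user, sig = q["user"][0], q["sig"][0]
        expires = int(q["expires"][0])
    except (KeyError, ValueError):
        return False, "malformed"
    expected = _mac(parts.path, user, expires)
    # Constant-time comparison on bytes avoids leaking the MAC through timing.
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False, "bad signature"
    if (now if now is not None else time.time()) > expires:
        return False, "expired"
    return True, "ok"
```

The signature is checked before the expiry so that a forged `expires` value is never trusted.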

AWS Cognito

Needl user login and password information is stored on AWS’s Cognito Service which is secure and supports compliance for a variety of standards such as SOC2, ISO 27001 etc. You can view more details here: (https://aws.amazon.com/cognito/details).
In addition, every data access request made to Needl services is authorized via AWS Cognito. This means that no one other than the authenticated user can view or retrieve their data.

Integrations with other Applications

Wherever possible, we use the OAuth 2.0 (https://oauth.net/2/) authentication standard to authorize Needl to sync your applications. Needl does not store login credentials and passwords for any of these applications. Instead, Needl stores the access and refresh tokens for these applications in a secure database which is encrypted. The user has the right to revoke access for Needl to sync with these applications at any time. For applications like WhatsApp, Needl requests a two-factor consent from the user which includes an OTP and QR code scan. The resultant session cookies are stored in a secure and encrypted form in our data stores.

Encryption

AWS KMS Encryption

All our data in Amazon is stored using Amazon’s AWS Key Management Service. This service uses a 256-bit key length encryption, both for our S3 data stores and in our search index. Once again, this ensures that only the individual user can access their data.

AWS KMS service is a server-side encryption for data at rest. Server-side encryption is the encryption of data at its destination by the application or service that receives it.

TLS Encryption

All data that is transmitted within our servers and to your browser has TLS encryption and is secure.

Cloud Security Architecture

We host the Needl application on proven public clouds, which means that as a Needl customer, you will inherit the robust standards of cloud security maintained by our cloud partners. Currently, Needl uses AWS and Google Cloud as partners and builds on top of it to maintain the highest and best security practices.

Cloud Infrastructure

Public Cloud Facilities.

Public cloud data centers have multiple physical and environmental controls in place in their facilities to protect customer data from theft and loss. Needl application is managed in such data centers to take advantage of their security features.

Data Security Architecture

Needl has applied the best practices for its security architecture. API Gateway to the Needl application provides a single point to filter attacks and secure authentication via AWS Cognito.

Redundancy

Needl hosted customer servers use a cloud-based distributed backup framework to reduce redundancy.

Availability and Durability

The Needl application is designed in a way that it can be hosted by various public cloud data centers across the globe and not limited to AWS and Google Cloud.

Monitoring and Authentication

Access to Customer Data

Needl’s customer data requires various levels of approval and authentication before it can be accessed.

Network and Application Vulnerability Scanning

Needl regularly scans its front-end application and back-end infrastructure to check for known security vulnerabilities.

Centralized Logging

Needl stores the logs from its production and corporate environments in a central location. This is monitored and alerts are triggered if a possible security threat is detected.

Reputation Monitoring/Threat Intelligence

The collected logs and all network activity are checked against commercial threat intelligence feeds for potential risks.

Anomaly Detection

Any irregular or unusual activity out of the ordinary is flagged and triggers an alarm. An example of this could be an unexpected authentication activity.

Data Security Encryption

AES Encryption

Needl uses AES encryption to encrypt and secure its locally stored data such as sensitive application data, database connection configurations and cached query data.

Secure Credential Storage and Encryption

Needl does not have access to user passwords. Usernames and passwords are secured using AWS Cognito which is a cloud-based user account control service.  

TLS Encryption

Data in transit is encrypted and secured from the user's browser to the application via TLS 1.3. This is the latest version of the TLS protocol and is designed to facilitate data security and privacy for communications over the internet.

Product Security

Code Development

Needl follows a standardized documented SDLC process to develop its code. The process listed contains guidelines on code testing and review before it can be moved to the production phase. This ensures that all developers are on the same page and the quality of code is maintained.

Peer Review and Unit Testing of Code

Peer Review is a software quality assurance activity that helps maintain the level of consistency in the design of the software. Needl reviews all written code before it is committed to the master code branch of the Needl application.

Functional and unit tests are performed using automated tools as part of the quality assurance process.

Routine Developer Training

Software Developers have regular training on secure coding practices that Needl implements.

TLS Encryption

The automated code quality tests that Needl conducts specifically target areas such as injection flaws, input validation and CSRF token usage to ensure that it is all proper and no vulnerabilities are detected in the code.

Regular Third-Party Penetration Testing

Needl performs regular third-party penetration tests, also known as pen tests, against the Needl application and its hosted environment. This test evaluates the security of the system and identifies both strengths and weaknesses in the system.

Single Sign-On

Needl provides SAML-based single sign-on for users. This has significant advantages over using username and password. It also offers support for SSO solutions from Google Apps, OneLogin, and SAML.

Responsible Disclosure

Needl is connected with the security community at large and runs a responsible disclosure program to facilitate security vulnerability reporting.

Due Diligence: Security of Third-Party Service Providers

All third-party service providers associated with Needl go through an annual security review.

Corporate Security

Needl has robust security protocols that secure Needl office spaces and materials containing sensitive information. Needl also invests in properly vetting and training staff to ensure that there is an organization-wide appreciation for data security.

For more information, see Needl's Privacy Policy.

Personnel and Third Parties

Security Organization

Needl has established a dedicated information security function responsible for security and data compliance across the organization. This initiative is led by the Chief Security Officer (CSO).

Policies and Procedures

The various security policies and procedures implemented at Needl are strictly adhered to and the security culture and responsibility is communicated clearly to all its employees.

Background Checks

A background check is conducted before hiring an employee or signing with contractors.
All individuals or vendors associated with Needl are expected to sign confidentiality agreements.

Security Awareness Education

All new hires have to complete mandatory security training as part of their initial induction and training with Needl. Apart from this, employees receive routine security awareness training to keep up with changes and updates. Measures are taken to confirm employee adherence to company security policies. Needl employees are constantly reminded of security best practices through informal and formal communications.

Vendor Management

The Vendor Management Program run by Needl ensures that all third parties associated with Needl are compliant with an expected level of security controls.

Risk Management

Needl maintains a strong Security Risk Management Program. The CSO of Needl chairs the Security Steering Committee periodically.

Incident Response

On-call

Needl has a Security and Operations team available 24/7 to respond immediately to security alerts and events.

Policies and Procedures

In case a security breach occurs, Needl maintains and adheres to the documented Incident Response Plan.

Incident Response Training

Training is provided to all employees at Needl on Security Incident Response Processes, including the right communication channels to report or escalate any security incident.

Data Security, Privacy and Compliance

Needl's security practices ensure that the use of your data is transparent, safe, and respectful. Needl's Compliance Team performs regular assessments to check that the controls are designed and operating correctly and that identified risks are mitigated appropriately.

Please read our Privacy Policy for more details if you don't see your question answered here.
