Security & Compliance


The protection and security of our client’s remote workforces and business data is fundamental to everything we do at NordLayer. As part of Nord Security, it’s in our DNA to ensure compliance and data security best practices are in place at all times.

We also understand that businesses in many industries need to meet compliance standards to ensure they are protecting and managing sensitive data in a way that is deemed secure by globally recognized institutions. 

Our information security management systems are certified according to ISO 27001 and support powerful AES-256 military-grade encryption, which ensures business data can’t fall into the wrong hands.

Additional to preventing data loss, NordLayer also guards against unauthorized access to your company network and allows you to set granular access permissions and policy enforcement. Through network control features such as IP allowlisting, businesses can ensure that sensitive data in the cloud is secure and cannot be accessed or shared with unauthorized users. 

Multiple layers of security can also be implemented, such as 2FA and SSO,  in order to ensure network access and company data is only available to those who are recognized and validated.

More on ISO 27001

We’re proud that NordLayers' information security management systems are certified according to ISO 27001.

The entire certification achieved is ISO/IEC 27001:2013 — relating to the information security management system (ISMS) for Nord Security. 

  • This is a set of policies and procedures for systematically managing an organization’s sensitive data. 
  • The goal of an ISMS is to minimize risk and ensure business continuity by proactively limiting the impact of a security breach.
  • An ISMS typically addresses employee behavior, processes, data, and technology. It can be targeted towards a particular type of data, such as customer data, or it can be implemented in a comprehensive way that becomes part of the company’s culture.
  • The goal of ISO 27001 is to provide a framework of standards for how a modern organization should manage its information and data. 
  • Risk management is a key part of ISO 27001, ensuring that a company understands where its strengths and weaknesses lie. ISO maturity is a sign of a secure, reliable organization that can be trusted with data.

How does an ISO/IEC 27001 certification benefit our clients? 

An ISO/IEC 27001 certification serves as a safety barometer for an organization’s information security landscape and with this in place, NordLayer clients and prospective clients alike can have peace of mind that fundamental procedures and controls are in place to protect their data via a formal information security management system. 

  • Ensuring data can only be adjusted by trusted and authorized users.
  • Assessing the risks and proactively mitigating potential data breaches. 
  • Align management processes with business risk strategies and client needs. .

ISO 27001 & NordLayer

The certificate was issued by TÜV Thüringen and applies to NordLayer, NordWL, and NordPass Business.

ISO/IEC 27001:2013 is the leading international standard on information security. The standard is based upon three pillars: 

  • Confidentiality
  • Integrity
  • Availability

NordLayer will be rigorously audited to follow the necessary procedures and policies to meet the highest information security management standards.   

The benchmark certification obliges Nord Security to continue running the recommended risk assessments and internal audits at least once a year – while continuously training existing employees and new hires on information security policies and best practices. 

H0kldUe8.png

Certificate Validation

You can check the validity of an organization’s certification issued by TÜV Thüringen on their website

If you would like to view our certificate, please reach out to support@nordlayer.com


Return to top