NEXT is a remote-first company. Employees have limited access to NEXT infrastructure and systems and access is always provisioned on a minimum-necessary, least-privilege, basis.
β
Access is only granted on a need-to-use basis, based on the responsibilities and duties of the employee.
Physical data separation
Data is physically separated in different AWS accounts for Enterprise workspaces. During a support case, if it is absolutely necessary to view customer data to troubleshoot the issue, we will seek written permission from the customer first via email or via the support ticketing system. Any access to data must be approved by a manager and is only granted temporarily on a need-to-use-basis.
Authentication
Every NEXT employee has unique authentication details that identify them when accessing infrastructure systems, assets, and applications. Multi-factor authentication is enforced.
Physical controls
NEXT utilizes Amazon Web Services as the principal web application infrastructure. Amazon Web Services data centers feature a layered security model, including extension safeguards such as:
custom-designed electronic access cards
motion alarms and sensors
video surveillance
perimeter fencing
metal detectors
biometrics
NEXT employees do not have physical access to Amazon Web Services data centers, servers, network equipment, or storage.
β
β