NEXT is a remote-first company. Employees have limited access to NEXT infrastructure and systems and access is always provisioned on a minimum-necessary, least-privilege, basis.

Access is only granted on a need-to-use basis, based on the responsibilities and duties of the employee.

Physical data separation

Data is physically separated in different AWS accounts for Enterprise workspaces. During a support case, if it is absolutely necessary to view customer data to troubleshoot the issue, we will seek written permission from the customer first via email or via the support ticketing system. Any access to data must be approved by a manager and is only granted temporarily on a need-to-use-basis.

Authentication

Every NEXT employee has unique authentication details that identify them when accessing infrastructure systems, assets, and applications. Multi-factor authentication is enforced.

Physical controls

NEXT utilizes Amazon Web Services as the principal web application infrastructure. Amazon Web Services data centers feature a layered security model, including extension safeguards such as:

  • custom-designed electronic access cards

  • motion alarms and sensors

  • video surveillance

  • perimeter fencing

  • metal detectors

  • biometrics

NEXT employees do not have physical access to Amazon Web Services data centers, servers, network equipment, or storage.

Did this answer your question?