Build Faster, Go Further

Security

Trust in a CMS that protects your brand credibility

Security is one of the most important aspects of running a website. Failing to keep it up may lead to data loss, income loss, credibility loss, and potential lawsuits. And your CMS is the digital foundation that defines your capability on securing your content and data. Choosing Nimvio as one of the most secure CMS available on the market is not without reason. You can always examine it from three aspects, namely the security in the application, the security in the CMS operation, and the standards and policies adopted.

Our in-app security armaments

Password Policy

Nimvio implements a strong password policy to prevent unauthorized access via login screen. We adopt best practices to keep your credential from being hacked.

2-Factor Authentication

Nimvio allows you to add a second factor other than password for user authentication in the login screen. This ensure that only you the one who can access your Nimvio account.

Access Control List

You can regulate user access and permission to define allowed actions up to content and media level. It helps to prevent any harms to your business-critical content.

Content Scanning

In Nimvio, every content is scanned against blacklisted words and phrases that perceived as potential malicious code. If detected, they will be automatically removed by Nimvio.

File Upload Scanning

Every time you upload a file to Nimvio, it will be scanned against viruses and malwares. Thus, you can rest assured that your storage is free from vulnerabilities.

Audit Trail

Nimvio have audit for you to inspect any creation, modification, and deletion to your files. It can inform you on who is the actor, when is the time, and what are the changes made.

Our CMS operation

Network Protocol

Nimvio uses the HTTPS protocol to transfer data securely between your browser and your website. Thus, you are protected against security attacks such as phishing and eavesdropping.

AWS Environment

Nimvio is powered by AWS virtual private cloud so your data is not open to public. Our apps and APIs are also safeguarded by AWS web application firewall to prevent bots and exploits.

Security Testing

Vulnerability assessment and penetration testing (VAPT) and source code scanning are regularly performed to ensure that Nimvio is secure from hacking attacks.

Our standards and policies

ISO 27001

We are a company with ISO 27001 certified. ISO 27001 covers information security management system (ISMS) that includes all legal, physical, and technical controls.

OWASP

Our security testing is based on OWASP (The Open Web Application Security Project). This ensure that Nimvio is armored against cyber attacks and operational failures.

Your privacy is critically important to us. Nimvio has privacy policy that provides information on how and why we collect, use, share, store and delete your data.