Official translation unavailable. Translate this page with Google:

NiceLabel makes significant efforts to ensure NiceLabel Cloud security.

We implement the latest security standards and perform automatic and manual NiceLabel Cloud security checks. We’re committed to providing you trustworthy service while applying policies, technologies, and controls to protect data you entrust to NiceLabel Cloud.

Layered security

NiceLabel keeps your systems and data secure in multiple ways.

Most security breaches don’t occur from someone breaking into cloud data centers. Instead, attackers typically exploit cloud application vulnerabilities. To prevent attacks, we combine multiple mitigation strategies and security controls to protect your resources and data.

Our layered security includes:

  • Employee education

  • Physical security

  • Network security

  • Web security

  • API-based cloud security

  • Data encryption

By running on Microsoft Azure, NiceLabel Cloud inherits many platform and infrastructure security approaches and best-practice implementations. Microsoft handles core data center security and inspects dataflows from the internet to help secure your network against intrusions and malware attacks.

We design cloud applications following modern security-conscious programming practices. We use encryption techniques and execute testing procedures to develop code and launch products.

Our development teams complete IT security-related training on software development to strengthen their information security awareness and experience.

Role-based access

NiceLabel Cloud authenticates with Microsoft and Google (Oauth2/OpenID Connect).

We integrate trusted providers into NiceLabel Cloud security to authenticate your user identities and protect your users from attacks. This allows NiceLabel to focus on core features and leaves identification to experts you know.

You can define your users with LDAP directory services or use your Microsoft Office 365 or Active Directory (AD) accounts (available as Azure Active Directory for cloud applications). NiceLabel Cloud does not include authentication mechanisms or custom authentication logic.

Database security

Database separation is essential and ensures you get additional layers of security.

You can only access your own assigned application database. You cannot access application databases directly with management applications or via API. Database ownership prevents other customers from accessing or reading any of your data.

Dependent on your NiceLabel Cloud subscription, you can access user-based cloud databases to store printing data and for daily intermediate master data exports from ERP systems. You don’t need user-based cloud database access to run NiceLabel Cloud web applications.

User database access is entirely customer specific. When you claim your user database, we create your first administrative account so you can manage your database and grant user access yourself.

Data encryption

NiceLabel encrypts your data to keep your business safe.

Your data can occupy two states in NiceLabel Cloud-- data in transit and data at rest. Your data can be exposed to risks in both states. NiceLabel Cloud uses encryption to protect data in transit and at rest from unauthorized access or theft.

Data actively moving between devices or networks across the internet is data in transit.

We protect your data in transit from local storage to NiceLabel Cloud storage. We encrypt your data in transit on one end and decrypt it on the other to prevent eavesdropping from unauthorized clients. NiceLabel Cloud uses modern data encryption communication protocols (TLS and HTTPS) for privacy and data integrity.

We encrypt your data when you connect to NiceLabel Cloud with:

  • Browsers. You can use any modern web browser to interact with our web applications.

  • NiceLabel clients. All our clients, including Designer, Print, Automation, and Web Client, use secure encrypted channels to request NiceLabel Cloud data and to send back logs and updates.

Data not actively moving between devices or networks across the internet is data at rest.

NiceLabel Cloud receives and stores your data in Azure SQL databases unique to you. We follow protective security measures to prevent anyone from accessing, modifying, or stealing your at-rest data:

  • Only you have access to product databases you own.

  • Your Azure SQL databases use transparent data encryption (TDE). TDE gives you real-time database encryption and decryption using AES 256 encryption algorithms.

API security

NiceLabel software uses Azure APIs for secure data exchanges and inter-application communication.

  • Service Bus: the communication system between mutually interacting software applications in service-oriented architecture. We use Service Bus to communicate with your on-premise infrastructure, either through cloud-connected IoT printers or cloud triggers (running in NiceLabel Automation). Service Bus creates outbound connections from your backend to NiceLabel Cloud and makes it possible to call your backend from the cloud.

  • Azure functions. Our published APIs for NiceLabel Cloud (Cloud Print API and Cloud Trigger API) call Azure functions for additional processing, which in return call the correct Service Bus endpoints. For example, when you execute “print” in Cloud Print API, NiceLabel Cloud generates a print job, knows where your IoT cloud printer is, and delivers your print job to your printer. We have traffic limits in place to prevent the abuse of APIs.

Health monitoring

NiceLabel continuously monitors your hosted system health with Azure Insight.

Insight automatically detects performance anomalies and includes powerful analytics tools to help us diagnose issues and improve products by understanding how our customers use NiceLabel Cloud.

We use Insight to:

  • Monitor abnormal traffic and respond quickly to possible threats.

  • Detect and respond to higher demands for services.

  • Continuously improve performance and stability

Testing

NiceLabel tests all code extensively to ensure safety and high quality.

Commonly exploited software vulnerabilities include defects, bugs, and logic flaws. Our development team strives to produce quality code through best practice techniques, including:

  • Pair programming

  • Recurring code reviews

  • Adhering to secure code standards

  • Running multiple tests

Our general policy is to automatically test everything we can. We perform continuous regression testing for each release throughout the lifecycle of our software to ensure industry-grade quality standards.

In addition to our experienced internal testing teams, we continuously contract third-party security assessment specialists to make sure our software is safe, secure, and ready for you to use.

Internal testing

NiceLabel development teams design and execute an expansive array of manual and automated tests for each new software build.

We increase the number of tests and the number of test team members for final testing before releases. Any security flaws we detect results in writing new automated tests to prevent problems from appearing again.

Third-party security assessments and penetration testing

NiceLabel contracts third-party IT security specialists for major and minor releases.

Our security experts access our software like our customers, but use their expertise to assess our web and desktop applications to identify exploitable vulnerabilities. Testing involves building custom threat profiles to uncover security vulnerabilities specific to our applications and web technology.

Our third-party security testers use the OWASP Testing Guide for test execution and verification. The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software.

Acceptance in regulated environments

NiceLabel testing is compliant and trusted by customers in regulated industries.

NiceLabel Cloud customers in regulated industries including healthcare, pharmaceuticals, medical device manufacturing, food & beverage, and others rely on test results we provide.

We will also work with you to perform tests with your own testing tools and procedures.