What is the myLRQA Nettitude Client Portal?
The myLRQA Nettitude Client Portal is an online gateway that has been designed to help you manage your cybersecurity programme, securely access assurance testing findings, and view your forthcoming engagements with us under one centralized platform.
Within the Client Portal, you are able to view the full lifecycle of interactions with us; from scoping and authorizations, right through to scheduling, engagement management as well as reporting and valuable insights into your data.
The myLRQA Nettitude Client Portal has been engineered with a strong focus on security from its inception and built with an advanced data security model that has been purpose-built to protect client data, providing that additional layer of security.
Our robust approach enables you to efficiently access and utilize the results, fostering timely and interactive decision-making for your business. This approach also facilitates a thorough understanding of critical risks, empowering you to act promptly and effectively.
The myLRQA Nettitude Client Portal will undergo continual development and serve as the foundation for the delivery of future continuous testing services, offering increasingly tailored business insights to meet your unique needs.
Once you are set up with the myLRQA Nettitude Client Portal, you will gain access to many features, created to make your cybersecurity programme with LRQA Nettitude easier and safer to manage.
Main Features of myLRQA Nettitude Client Portal
Daily, weekly and monthly testing and monitoring.
Consolidation of Services
Complete and constant visibility over all services.
Digital Delivery of Testing Findings
All results are available as we find them, ready for review, remediation, and retesting.
Custom content, trends, findings, and remediation.
You manage all password policies and who has access.
Personal Account Manager
Your direct line of contact.
Benefits from secure interaction via the assured platform.
Why we developed the myLRQA Nettitude Client Portal?
At LRQA Nettitude, we understand the importance of timely and efficient support in fostering positive client relationships and are committed to addressing client concerns and improving our processes. MyLRQA Nettitude Client Portal allows us to streamline our delivery process, enabling you to swiftly access the necessary information and take prompt action when needed.
Testing is also seen as a one-off transactional service, rather than an ongoing monitoring process, with extensive data provided that is difficult to absorb and action. We want to provide the frequent support our clients are after and present them with ongoing data, so they are up to date with all their testing outcomes.
myLRQA Nettitude’s built-in Advanced Data Security Model
The myLRQA Nettitude Client Portal has been built with an advanced data security model that has been purpose-built to protect client data. The information below expands on how this operates and how this has been used to secure the data used within this platform.
Client Penetration test reports are one of the most sensitive types of data handled by LRQA Nettitude. However, when numerous reports are stored in one place, the more attractive a target it becomes for attackers.
Although client reports are always encrypted both at rest and in transit, this still provides limited protection, as the main security risks are vulnerability in the portal software or a malicious administrator.
We use decentralized client-side encryption to protect the most sensitive types of data within our client portal. This ensures all sensitive data within each project is encrypted using a separate key.
More about Our Solution…
Only named individuals or teams can access a key for encrypting projects. Access can only be granted to others by those who already have access. Having this root control of the database server and web server ensures no unauthorized access to any historical sensitive data. This data includes information that would directly facilitate an attack, such as penetration test findings and recommendations
Further information on the Advanced Data Security model can be provided upon request.
myLRQA Nettitude Client Portal FAQs
Where will my data be held?
All your data will be held within the region that you define when you register your account. The initial option is for the UK, but this will follow with the US, EU, and Singapore in time.
How do I know the portal is secure?
Robust security is architected into the solution from the start. Strong capabilities around monitoring and alerting as well as defensive controls are in place for the client portal.
Please book a technical call with us to receive a comprehensive explanation of the Client Portal security model and how the Client Portal services meet global data protection laws and requirements (including GDPR).
How do I get started with the myLRQA Nettitude Client Portal?
Onboarding sessions will be organized and emails with activation instructions will be shared with clients.
How do I navigate the myLRQA Nettitude Client Portal?
The client portal is designed to be user-friendly and offers an intuitive experience. We also provide an in-platform library of walkthrough resources to provide support and guidance. Additionally, our dedicated client success team is readily available to provide help when required.
How do I reach out for help?
An online form can be accessed from both the authentication screen and from within the portal itself. This is available to log incidents or service requests easily and simply. Client feedback is important to us as we launch this portal.
What browsers are supported?
Google Chrome and Microsoft Edge are the supported browsers at this stage.
Do you hold any cybersecurity certifications?
Yes, LRQA Nettitude is certified against ISO 27001 and Cyber Essentials Plus. We are also certified against ISO 14001 and 9001. Certificates can be provided upon request.
How will my data be segregated from other clients?
All data is segregated through robust encryption and security controls. The platform has been designed so that only your data can be accessed by authorized people and that any unauthorized access would render the data encrypted, unreadable and inaccessible.
You are given control over who has access to your data and over how the user authentication and data retention policies are implemented. This allows you to ensure they meet your own company’s standards and expectations.
What information do you store about my profile (cookies, metadata etc.)?
Cookies are rarely used on the Client Portal (They are used only to store JWT access and refresh tokens. The decoded JWT contains the user type and ID).
Local storage is used to permanently save information to the browser. The following is saved locally:
- Client name
- First/Last name
- Encryption key pairs
- User/Client IDs
What is my data retention period?
The Client Portal is a flexible platform that gives clients the ability to manage the service in line with their own data security policies. This means that clients can define their data retention periods and time.