1. Our commitment
CloudNexus Hosting Inc. ("CloudNexus," "we," "us") maintains administrative, technical, and physical safeguards designed to protect the confidentiality, integrity, and availability of customer information and hosted services.
This Security Policy describes the controls we apply to our platform. It supplements our Terms of Use and Privacy Policy and does not replace any agreement you have with us for specific products.
2. Infrastructure security
Production systems run in monitored data-center environments with network segmentation, firewalls, and intrusion-detection tooling. Critical patches are evaluated on a risk basis and applied according to our change-management process.
- Encrypted connections (TLS) for customer-facing websites, control panels, and APIs where supported.
- Role-based access for employees with least-privilege principles and multi-factor authentication for administrative systems.
- Regular backups for hosting products, with restoration testing on a scheduled basis.
- DDoS mitigation and rate limiting at the network edge for shared and managed services.
3. Account and authentication
You are responsible for safeguarding your account credentials, API keys, and two-factor devices. We strongly recommend enabling two-factor authentication on your CloudNexus account and using unique passwords for each service.
We may suspend access immediately if we detect credential compromise, brute-force activity, or use of your account in violation of our Terms of Use.
4. Data handling
Customer content stored on our servers remains your property. We access account data only to provide support, maintain service quality, comply with law, or prevent abuse—consistent with our Privacy Policy.
Payment card data is processed by PCI-compliant payment partners; CloudNexus does not store full card numbers on our application servers.
5. Malware and abuse
Hosted accounts must not be used to distribute malware, operate botnets, send unsolicited bulk email, or host phishing content. Automated and manual reviews may be performed when abuse is reported or detected.
Optional security add-ons (such as malware scanning and SSL products) provide additional layers but do not guarantee that third-party software on your site is vulnerability-free. You remain responsible for updating applications you install.
6. Incident response
If we confirm a security incident that affects your account or hosted data, we will investigate, contain, and remediate using documented procedures. Where required by law or contract, we will notify affected customers without undue delay.
Report suspected security issues to support through our Contact page. Please include relevant domain names, timestamps, and log excerpts when available.
7. Your responsibilities
Security is shared: keep software updated, remove unused plugins, restrict file permissions, and review DNS and email forwarding changes. Domain WHOIS privacy reduces public exposure of personal data but does not replace secure site configuration.
8. Policy updates
We may revise this Security Policy as our services and regulatory landscape evolve. Material changes will be posted on this page with an updated effective date. Continued use of CloudNexus services after changes constitutes acceptance of the revised policy.