What is NIS2
NIS2 (Network and Information Security Directive 2) is the European directive that requires organisations in essential and important sectors to have their cybersecurity in order. The directive sets requirements for risk management, incident reporting, supply chain security, and technical security measures. Belgian organisations fall under the Belgian transposition of this directive.
How iGuana iDM v7 addresses NIS2
iGuana iDM v7 provides the technical foundation for your document management system to address NIS2 requirements at the software level. For existing customers, the upgrade is not a new purchase: your licences are already in place. It is an execution of what is already available.
JWT, AES-256, and audit logging
JWT authentication: time-bound tokens, cryptographically signed, integrable with Active Directory and Azure AD. AES-256 encryption: the current standard, replacing outdated DES and RC2. Password storage with PBKDF2 hashing instead of MD5. Audit logging: every API call is logged with user, timestamp, and action, forming the basis for the audit trail that NIS2 requires.
Security hardening
Security hardening is not a default setting but custom work per client environment: TLS 1.3 configuration with insecure versions disabled; CORS security so that services only accept traffic from approved origins; HTTP security headers (HSTS, X-Frame-Options, Content-Security-Policy); rate limiting on login against brute-force attacks; debug mode disabled in production; and secured database connections to SQL Server.
Upgrade path
Step 1: Intake and scope, inventory of your current environment and migration planning.
Step 2: Installation of v7 on your server, database migration, and validation.
Step 3: Security hardening, specifically configured for your environment.
Step 4: Go-live guidance, user validation, and follow-up.
The entire process is guided by our consultant, step by step, without disrupting your operations.
