top of page

Last Updated: 2025

Security & Compliance Statement

Introduction

NeuroNeko is committed to maintaining strong cybersecurity practices, protecting client data, and ensuring that our services align with industry-recognized standards. This Security & Compliance Statement outlines our approach to data protection and operational security.

Security Framework Alignment

NeuroNeko aligns its practices with widely recognized frameworks, including:

  • NIST Cybersecurity Framework (CSF)

  • NIST SP 800-53 and 800-171 principles

  • CIS Critical Security Controls

  • ISO 27001/27002 best practices

We apply these frameworks as guidance to ensure consistent and responsible security operations.

Data Protection & Handling

We maintain safeguards to protect sensitive and confidential information, including:

  • Encryption during transmission (HTTPS/TLS)

  • Secure storage through trusted third-party hosting providers

  • Access control and least-privilege principles

  • Authentication and session management safeguards

  • Monitoring, alerting, and anomaly detection capabilities

  • Regular review of access logs and activity data

Client information is handled strictly on a need-to-know basis.

Confidentiality Commitment

NeuroNeko does not disclose client data without:

  • Written permission, or

  • A valid legal requirement (such as a court order)

All engagements can include a Non-Disclosure Agreement (NDA) upon request.

Operational Security Measures

  • Use of reputable security tools and hardened environments

  • Multi-factor authentication on business accounts

  • Role-based access controls (RBAC)

  • Segmented data environments where applicable

  • Secure file transfer and encrypted communication channels

  • Regular internal review of operational practices

  • Threat-informed advisory based on real-world intelligence

Incident Response

NeuroNeko maintains defined processes to respond to:

  • System anomalies

  • Suspicious behavior

  • Potential security incidents

  • Client-reported issues

Actions may include containment, investigation, communication, and remediation support.

Third-Party Services & Vendors

We use trusted vendors for hosting, analytics, secure communication, and storage.
These vendors must follow appropriate security and privacy practices.
However, we do not control their internal operations.

Client Responsibilities in Shared Security

Cybersecurity is a shared responsibility.
Clients must:

  • Provide accurate information

  • Maintain secure configurations

  • Implement recommended remediations

  • Patch their systems regularly

  • Protect their own login credentials

NeuroNeko is not responsible for third-party breaches or client-side misconfigurations.

Compliance Considerations

Depending on the engagement scope, our services may support client compliance efforts related to:

  • NIST frameworks

  • CIS Controls

  • HIPAA Security Rule (advisory only)

  • CMMC readiness

  • General cybersecurity maturity assessments

NeuroNeko does not certify compliance but offers advisory and best-practice alignment.

Contact Us

For questions about our security practices:
Email: contact@neuroneko.com
Website: www.neuroneko.com
Location: Crown Point, Indiana, USA

bottom of page