Security & compliance
Built for the accountability public safety demands.
The systems that dispatch help and keep records can't be an afterthought on security. Nexus PSS is designed around least-privilege access, a complete audit trail, and data handling that holds up to oversight.
Immutable audit trail
Every incident and unit state change is written to an append-only audit log — who did what, and when — so any call can be reconstructed after the fact.
Role-based access control
Access is governed by per-agency security groups carrying granular permission flags, not broad roles — people can see and do only what their job requires.
Modern authentication
Passwords are hashed with bcrypt and sessions are signed tokens. Administrators provision and deprovision accounts within their own agency.
Multi-tenant isolation
Each customer is a separate tenant. Data, configuration, and limits are isolated per tenant, and cross-tenant access is never permitted.
Open-records & FOIA ready
Audit-grade records and exports are designed to satisfy open-records requests with a defensible, complete trail.
CJIS-conscious design
Built with the CJIS Security Policy in mind — access control, auditing, and data handling. Full compliance also depends on hosting and agency policy; we work through the specifics with you.
Shared responsibility
Security is a partnership.
We build the platform to a high bar; your agency controls policy and access. Knowing where the line sits is part of a clean deployment.
What Nexus PSS provides
- Append-only audit logging of incident and unit actions
- Granular, per-agency permission model
- Encrypted transport (HTTPS) and signed sessions
- Tenant data isolation
- Role and account administration tooling
What your agency controls
- Who is granted access, and to which permissions
- Agency retention and disposition policy
- Hosting environment and data-residency requirements
- CJIS personnel clearances and local policy
- Open-records request handling and review
On the record
If it happened, it's logged.
Nexus PSS follows a simple invariant for operational changes: write it to the database, broadcast it in real time, and record it to the audit trail. That third step is what makes the record defensible.
✓ incident.created
✓ incident.status_changed
✓ incident.closed
✓ unit.signedon
✓ unit.status_changed
✓ unit.transferred
✓ narrative.added
✓ login / account changes
Have specific compliance requirements?
CJIS, state incident-based reporting, retention schedules, data residency — requirements vary by state and agency. Tell us yours and we'll walk through exactly how Nexus PSS maps to them, and what's configured versus shared.
Security capabilities described here reflect the platform's design and configuration options. Certification status and the specific controls in force for your deployment are confirmed during procurement and depend on your hosting environment and agency policy.
See Nexus PSS in your dispatch center
Book a guided walkthrough tailored to your agency — dispatch, field, records, and mapping, with your workflows in mind.