What makes ViVeSec Box different from a traditional backup?

ViVeSec Box is a closed, immutable appliance: backups are physically and logically isolated, ransomware cannot access or modify them. This is not guaranteed with classic backups.

How long does it take for business to recover after an attack?

Intact data stored on the ViVeSec Box is immediately available – there is no multi-day recovery phase. Full recovery of protected systems is a function of the recovery time, which is orders of magnitude shorter than restoring traditional backups from tape or the cloud.

What environments is it compatible with?

Windows servers and workstations, file servers, network file shares (SMB/NFS), and S3-compatible storage integrations. A detailed list will be provided during the request for quotation.

Where is the data stored?

On your own infrastructure. ViVeSec Box does not send data to third parties; all data and access are controlled solely by you.

What does the CRYSTALS-Dilithium signature and quantum resistance mean?

ViVeSec Box uses NIST-approved CRYSTALS-Dilithium post-quantum signatures to verify the integrity of saved data, combined with AES-256 symmetric encryption. This means you gain reliable long-term data integrity against current and future quantum computer attacks.

Does ViVeSec Box meet the requirements of NIS2 and DORA?

Yes. ViVeSec Box meets the immutable backup, audit log, access control and incident management capabilities required by NIS2 at the same time as deployment. For DORA-regulated financial institutions, recovery time (RTO) of less than 60 seconds and measurable business continuity are of particular value.

How is ViVeSec Box different from cloud-based backups?

Cloud-based services store backup data on the provider's infrastructure - making it vulnerable to compromise or inaccessible in the event of a service outage, and data stored with third parties is generally not acceptable in most regulatory systems. ViVeSec Box operates in your own infrastructure, with isolated, immutable storage, without external dependencies.

Do you need a dedicated IT team to operate ViVeSec Box?

No. The ViVeSec Box is a closed, hardened appliance that operates autonomously after deployment: firmware updates and security patches are managed by ViVeTech, and daily operation is limited to checking audit logs and alerts. Detailed admin tasks are included in the user manual.

Fill out the request for quote form and we will contact you within 1 business day to map your environment and select the right configuration.

Compliance & Regulation

Compliance frameworks – which are supported by ViVeSec Box by default

ViVeSec Box is not just a technical protection, but an auditable compliance platform. The requirements of the following frameworks are architecturally and documented in the product - not as an after-the-fact module.

NIS2 EU Directive

NIS2 – Network and Information Systems Security

The EU NIS2 Directive imposes strict cybersecurity requirements on critical and important organizations – with obligations for recovery, incident management and business continuity.

How ViVeSec Box helps

Immutable, ransomware-resistant backup (NIS2 Article 21 – risk management measures)
Business continuity and recovery capability with documented RTO
Incident management capability: rapid recovery after an attack with auditable steps
Access control (RBAC), 4-eye principle for critical operations
Tamper-evident audit log for supervisory investigations

GDPR EU · Regulation

GDPR – General Data Protection Regulation

GDPR is the EU's General Data Protection Regulation, which imposes obligations on controllers and processors of personal data - integrity, confidentiality, availability.

How ViVeSec Box helps

On-premise storage – data does not leave the customer's infrastructure
AES-256 encryption at rest and in transit
Exportable audit log of data processing operations
Auditable implementation of data erasure requests (“right to be forgotten”)
Rapid recovery after a data breach (Art. 32 – technical and organizational measures)

ISO 27001 International Standard

ISO/IEC 27001 – Information Security Management System

ISO 27001 is the leading international information security standard. With ViVeSec Box, a significant part of Annex A controls can be technically implemented.

How ViVeSec Box helps

A.8.13 Information backup – immutable backup with WORM storage
A.5.30 ICT readiness for business continuity – Instant Recovery
A.8.3 Information access restriction – RBAC + 4-eye principle
A.8.15 Logging – tamper-evident, exportable audit log
A.8.24 Use of cryptography – AES-256 + CRYSTALS-Dilithium (NIST PQC)

CE EU · Compliance

CE marking – placing on the EU market

The ViVeSec Box has a CE Declaration of Conformity – the legal basis for placing on the EU market and certain public procurement procedures.

How ViVeSec Box helps

EMC – electromagnetic compatibility
LVD – low voltage electrical equipment
RoHS – Restriction of Hazardous Substances
EU-MADE – supply chain transparency

CC International Certification

Common Criteria – Security Target

ViVeSec Box comes with a Security Target document prepared according to the principles of Common Criteria (ISO/IEC 15408), which formally describes the resources to be protected, threat models and security functions. The architecture is based on the principles of EAL 2 assessment level.

How ViVeSec Box helps

TOE (Target of Evaluation) and its boundaries are precisely defined
Threat Models and Security Objectives
Safety Functional Requirements (SFRs)
Hardware TPM root-of-trust with documented initialization
EAL 2-based design and testing practices

UK CE UK · Certificate

UK Cyber Essentials

The UK's basic cybersecurity certification, which requires 5 essential controls. ViVeSec Box also technically supports the following controls.

How ViVeSec Box helps

Firewalls and routers – out-of-band management, network segmentation
Secure configuration – closed, dedicated platform, reduced attack surface
User access control – RBAC + 4-eye principle
Malware protection – immutable storage, ransomware-resistant architecture
Patch management – priority security patches as part of the license

Are you preparing for an audit? Let's talk.

Our experts help you prepare for NIS2, GDPR, ISO 27001 or DORA audits - with specific controls that can be implemented with ViVeSec Box.

Book a meeting →

NIS2 – Network and Information Systems Security

How ViVeSec Box helps

GDPR – General Data Protection Regulation

How ViVeSec Box helps

ISO/IEC 27001 – Information Security Management System

How ViVeSec Box helps

CE marking – placing on the EU market

How ViVeSec Box helps

Common Criteria – Security Target

How ViVeSec Box helps

UK Cyber Essentials

How ViVeSec Box helps

Are you preparing for an audit? Let's talk.

Stay up-to-date on cybersecurity