Security and Privacy

We want to ensure system security and customer privacy is a priority at every step of the engineering process. All employees are required to go through security training and best practices for data handling.

Technology

Opsenic is built on top of infrastructure and services that uses industry grade security standards. We encrypt your data at rest, including emails, calendar events and other personally identifiable metadata.

Strict controls over data access

We use a 256-bit AES encryption in storage and a 256-bit SSL/TLS encryption in transit. Our database is hosted in a Virtual Private Cloud with Google Cloud. Google follows top IT security standards, including SOC 2 Type II, SOC 3, PCI-DSS certification, and ISO 27001.

Uptime and logging

Our production environments have security logging, uptime monitoring, and system availability metrics of our core services. This helps our security team enforce automated monitoring and uptime.

We implement coding best practices focused on the OWASP Top Ten

Development, testing, and production environments are separated. All code changes are peer reviewed and tested prior to deployment into production.