Protecting your data is our top priority and we take security very seriously. We take pride in providing bank grade security, being GDPR compliant, and we have taken the following measures to ensure that your data is and will always be safe with us.
Service and Organisation Controls (SOC 2) accredited.
We have been audited by an American Institute of Certified Public Accountants (“AICPA”) and accredited with the highest standard of industry-recognized accreditation. More info >
GDPR COMPLIANT
Your data rights are protected. Read more >
Third-party Penetration Testing
We regularly engage a third-party CREST certified security audit firm to conduct a penetration testing on our systems. We were last certified and secured in Q1, 2022.
FIREWALLS
All our servers have IP Table based firewall that denies all but approved IPs as a default rule.
Two Factor Authentication
All Public services (HTTP, HTTPS and SSH) are protected by 2FA. Admin accounts can turn on 2FA on-demand, and can be enforced company wide.
AWS
We host all our system services on Amazon Web Services in Singapore
Encrypted
Web Sessions are SSL encrypted (HTTPS)
FIREWALLED
All Servers are firewalled
Daily Backups
We do daily offsite backups of your data. The data is stored in a secure facility in Singapore for 30 days.
Private Repositories
Each of our developers have their own private repositories.
Database Encryption
All databases are encrypted on disk.
DATA PURGE
All data is purged when an event is archived or 30 days after our contract is terminated. It can be purged earlier by sending a request to support@onlive.io.