The core mission of Onna is to give our customers insight into their data in a safe and secure environment. It is only natural that we make security and privacy our most important responsibility. We follow a software development process that includes security at its core. Our developers adhere to industry accepted best practices and standards defined by NIST 800-53, SANS and OWASP.
-
Code reviews are conducted regularly to ensure strong data privacy and integrity practices are being followed.
-
Every feature undergoes a rigorous testing and quality assurance process.
-
Security awareness training is an ongoing process at our company, applying to both technical and non-technical staff.
The Onna Security document sets out the default standards which must be met to ensure that control. The information which needs protection includes, but is not limited, to:
-
Intellectual property and copyrighted materials, both those our company creates and those we obtain under license from others
-
Customer information (both for companies and individuals)
-
Financial information, including credit cards, salaries, bank statements, transactions, and more
-
Medical information of all types
-
Company patents, business plans, and other intellectual property
-
Company business records and planning materials, including customer lists, marketing and sales efforts, product line plans, and more.