The core mission of Onna is to give our customers insight into their data in a safe and secure environment. It is only natural that we make security and privacy our most important responsibility. We follow a software development process that includes security at its core. Our developers adhere to industry accepted best practices and standards defined by NIST 800-53, SANS and OWASP.
Code reviews are conducted regularly to ensure strong data privacy and integrity practices are being followed.
Every feature undergoes a rigorous testing and quality assurance process.
Security awareness training is an ongoing process at our company, applying to both technical and non-technical staff.
The Onna Security document sets out the default standards which must be met to ensure that control. The information which needs protection includes, but is not limited, to:
Intellectual property and copyrighted materials, both those our company creates and those we obtain under license from others
Customer information (both for companies and individuals)
Financial information, including credit cards, salaries, bank statements, transactions, and more
Medical information of all types
Company patents, business plans, and other intellectual property
Company business records and planning materials, including customer lists, marketing and sales efforts, product line plans, and more.