The core mission of Onna is to give our customers insight into their data in a safe and secure environment. It is only natural that we make security and privacy our most important responsibility. We follow a software development process that includes security at its core. Our developers adhere to industry accepted best practices and standards defined by NIST 800-53, SANS and OWASP.
- Code reviews are conducted regularly to ensure strong data privacy and integrity practices are being followed.
- Every feature undergoes a rigorous testing and quality assurance process.
- Security awareness training is an ongoing process at our company, applying to both technical and non-technical staff.
The Onna Security document sets out the default standards which must be met to ensure that control. The information which needs protection includes, but is not limited, to:
- Intellectual property and copyrighted materials, both those our company creates and those we obtain under license from others
- Customer information (both for companies and individuals)
- Financial information, including credit cards, salaries, bank statements, transactions, and more
- Medical information of all types
- Company patents, business plans, and other intellectual property
- Company business records and planning materials, including customer lists, marketing and sales efforts, product line plans, and more.