Your trust and data security are central to everything we do at Onna.
Get insight into your data in a secure and private environment.
Book a Demo
Trusted by hundreds of organizations
Enterprise-grade data protection
We adhere to industry accepted best practices and standards in secure software development, defined by NIST 800-53, SANS and OWASP. We use HackerOne to manage our private bug bounty program. We protect all of our data including customer, financial, medical information, intellectual property, as well as company patents, business records and planning materials.
If you have any questions, please contact us on security@onna.com or check our privacy policy.
Internal controls and permissions
User roles
Assign user roles for every user on Onna to control what data they can view and what actions they can perform.
Permissions
Set permissions for specific files or workspaces to have a more precise control.
World class security architecture
-
Encryption
We encrypt data while in transit and at rest. Data is stored on encrypted storage volumes. Data at rest is secured using AES-256. Transport Layer Security (TLS v1.2) protocol is used to secure all communication between the desktop and web client to the backend servers – nothing is ever sent in clear text.
-
Data storage
Your data is stored on the highly trusted Google Cloud Platform. Google Cloud has numerous attestations from third parties with regard to physical security, data center operations and personnel security, including, but not limited to, PCI, SOC, FINRA and ISO27001.
-
Third parties
We use OAuth 2.0 protocol (token-based authentication) to connect to third-party data providers, such as Gmail, Dropbox, Office 365, and Slack. We will never ask for your credentials to these services and will securely store the authentication token that is generated by the service when you authorize our access.
“As mutual clients, Onna uses HackerOne for their bug bounty program, showing they go the extra mile to ensure every aspect of their security is world-class. They truly believe in the power of security.”
Aaron Zander | Head of IT at HackerOne
Certifications
Our Knowledge Integration Platform
Integrate any number of our connectors to automatically process, classify, and secure your information in one place, enabling you to utilize your information in new and intuitive ways.
Other Helpful Resources
-
Webinar: Data Governance, Compliance, and Retention
Join Onna, Box, and ViacomCBS as we walk through data governance best practices in a remote, cloud-based world.
-
eDiscovery In The Age of Emerging Tech: How To Stay Within Regulations Without Losing Efficiency
Here's how leaders in highly-regulated industries are keeping up with GDPRA and CCPA.
-
What You Need to Know About Slack GDPR
Slack GDPR compliance is critical for any business that has ties to the EU. Learn the ins and outs of GDPR standards in Slack to protect your organization.
