Our mission is to give customers insight into
their data. Our responsibility is to make sure
that data is kept in a system using the highest
security standards. Onna has numerous
attestations from numerous
third-party industry leaders.

Data security

Your data is stored on a highly trusted cloud platform that has numerous attestations from third parties with regard to physical security, data center operations, and personnel security. We have two factor authorization and SAML available for your organization.

Network security

All of our servers run on private networks behind tightly controlled firewalls. We keep our development and production environments separate and limit production access to a few trusted individuals.

Audit & Logging

Logging is used for all our infrastructure and application systems. We periodically review audit logs to ensure we’re always operating within the guidelines and above industry standards.


Onna has passed several Web Application Security Assessments using the industry best practices, such as ISO 27002, NIST 800-115, OWASP, and PTES.

Compliance certifications and regulations


What ways can Onna be deployed in an organization?

Onna can be deployed as a SaaS product, private cloud or on-premise. We also integrate with SAML & SSO services like Okta, GSuite or Active Directory.

Can you collect from sources behind a firewall?

Yes, we offer Onna Bridge, a Windows and MacOS based application, that connects to these services directly. Onna Bridge synchronizes directories to Onna’s processing servers.

Who can see my files and how can I manage privacy?

Only people to whom you give permission. You can always review your privacy settings relating to each data source and file associated to your account.