Security & Compliance
Security, Compliance & Data Protection
Your company's security and data privacy is our top priority. Learn how we're investing in global data protection frameworks, training and technology below.
View security featuresSecurity starts with trust
Compliance
We ensure Opensense
meets industry-standard compliance.
Infrastructure
We use industry best practices to ensure our infrastructure is kept up to date.
Personnel
We ensure every
Opensense employee is
vetted, tested and trained.
App & Development
Our product is built with security and quality top of mind.
Categories
Compliance
SOC 2 Type II Certified
Opensense's SOC 2 Type II attestation covers the trust services categories of Security, Confidentiality, and Availability and is completed annually.
GDPR Compliance
We comply with GDPR as a data processor and manage the transfer data via Standard Contractual Clauses.
Book a demo
We ensure policies, processes, and controls comply with CCPA requirements and have built CCPA employee notices directly into our software.
Data & Infrastructure Security
Secure Infrastructure Provider
We host all of our data in physically secure, US-based, Tier 1 SOC 2 Type II data centers that include 24/7 on-site security, camera surveillance, and more.
Data Encryption in Transit & at Rest Process
All data sent to or from Opensense is encrypted using TLS (v1.2 or later), and all customer data is encrypted using 256-bit ciphers.
Server Security & Monitoring
All servers are configured using a documented set of security guidelines and images are managed centrally. All servers are monitored 24/7 for security and resource usage.
Strict Access Controls
Strict Access ControlsAccess to all Opensense’s systems is managed through its portal which manages, user provisioning, SSO (via third-party such as Okta, Oauth, or other SAML 2.0 providers), enforces domain-based policy and logs all activity.
Data Redundancy & Resiliency
Opensense’s infrastructure has been designed to be highly available with redundancy and failover. All databases operate in a cluster configuration, and the application tier scales using load balancing technology that dynamically meets demand.
Personnel Security
Formal Security Policies & Incident Response Plan
We host all of our data in physically secure, US-based, Tier 1 SOC 2 Type II data centers that include 24/7 on-site security, camera surveillance, and more.
Continuous Security Training
All data sent to or from Opensense is encrypted using TLS (v1.2 or later), and all customer data is encrypted using 256-bit ciphers.
Server Security & Monitoring
All servers are configured using a documented set of security guidelines and images are managed centrally. All servers are monitored 24/7 for security and resource usage.
Strict Access Controls
Strict Access ControlsAccess to all Opensense’s systems is managed through its portal which manages, user provisioning, SSO (via third-party such as Okta, Oauth, or other SAML 2.0 providers), enforces domain-based policy and logs all activity.
App & Development
Secure Infrastructure Provider
We host all of our data in physically secure, US-based SOC 2 Type II data centers that includes state of the art security, including 24/7 on-site security, camera surveillance, and more.
Server Security & Monitoring
All servers are configured using a documented set of security guidelines and images are managed centrally. Changes to the company’s infrastructure are tracked, and security events are logged appropriately.
Data Encryption
All data sent to or from Opensense is encrypted using TLS (v1.2 and later) and all customer data is encrypted using 256-bit ciphers.
Strict Access Controls
Access to all Opensense’s systems is managed and logged centrally for automated user provisioning, and multi-factor authentication.
Data Redundancy & Resiliency
Opensense’s infrastructure has been designed to be highly available with redundancy and failover. All databases operate in a cluster configuration an the application scales using load balancing technology that dynamically meets demand.
Compliance
SOC 2 Type II Certified
Opensense's SOC 2 Type II attestation covers the trust services categories of Security, Confidentiality, and Availability and is completed annually.
GDPR Compliance
We comply with GDPR as a data processor and manage the transfer data via Standard Contractual Clauses.
Book a demo
We ensure policies, processes, and controls comply with CCPA requirements and have built CCPA employee notices directly into our software.
Data & Infrastructure Security
Secure Infrastructure Provider
We host all of our data in physically secure, US-based, Tier 1 SOC 2 Type II data centers that include 24/7 on-site security, camera surveillance, and more.
Data Encryption in Transit & at Rest Process
All data sent to or from Opensense is encrypted using TLS (v1.2 or later), and all customer data is encrypted using 256-bit ciphers.
Server Security & Monitoring
All servers are configured using a documented set of security guidelines and images are managed centrally. All servers are monitored 24/7 for security and resource usage.
Strict Access Controls
Strict Access ControlsAccess to all Opensense’s systems is managed through its portal which manages, user provisioning, SSO (via third-party such as Okta, Oauth, or other SAML 2.0 providers), enforces domain-based policy and logs all activity.
Data Redundancy & Resiliency
Opensense’s infrastructure has been designed to be highly available with redundancy and failover. All databases operate in a cluster configuration, and the application tier scales using load balancing technology that dynamically meets demand.
Personnel Security
Formal Security Policies & Incident Response Plan
We host all of our data in physically secure, US-based, Tier 1 SOC 2 Type II data centers that include 24/7 on-site security, camera surveillance, and more.
Continuous Security Training
All data sent to or from Opensense is encrypted using TLS (v1.2 or later), and all customer data is encrypted using 256-bit ciphers.
Server Security & Monitoring
All servers are configured using a documented set of security guidelines and images are managed centrally. All servers are monitored 24/7 for security and resource usage.
Strict Access Controls
Strict Access ControlsAccess to all Opensense’s systems is managed through its portal which manages, user provisioning, SSO (via third-party such as Okta, Oauth, or other SAML 2.0 providers), enforces domain-based policy and logs all activity.
App & Development
Secure Infrastructure Provider
We host all of our data in physically secure, US-based SOC 2 Type II data centers that includes state of the art security, including 24/7 on-site security, camera surveillance, and more.
Server Security & Monitoring
All servers are configured using a documented set of security guidelines and images are managed centrally. Changes to the company’s infrastructure are tracked, and security events are logged appropriately.
Data Encryption
All data sent to or from Opensense is encrypted using TLS (v1.2 and later) and all customer data is encrypted using 256-bit ciphers.
Strict Access Controls
Access to all Opensense’s systems is managed and logged centrally for automated user provisioning, and multi-factor authentication.
Data Redundancy & Resiliency
Opensense’s infrastructure has been designed to be highly available with redundancy and failover. All databases operate in a cluster configuration an the application scales using load balancing technology that dynamically meets demand.
Testimonials
What are others saying about Opensense?
Read why the world's most advanced marketing & sales teams use Opensense as their preferred email signature, marketing, sales, and compliance solution.
Get enterprise-grade security features with regular audits to ensure you’re always protected with Opensense.
FAQs
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam vitae erat.
Opensense can be implemented a number of ways depending on the nuances of your environment and your organization's technical and security posture. The two most common ways Opensense is implemented are a server-side implementation (available for Microsoft Office and Google Workspace tenants) and a Microsoft 365 Add-In. The server-side approach automatically applies email signatures to emails sent from any device, including desktop, web, and mobile devices by securely processes emails after they are sent by the sender. Our optional Microsoft Outlook Add-In ensures that email signatures are visible to users while composing emails.
Emails are received securely using encryption and securely processed in volatile memory only – never saved to disk as noted in our SOC2 Type II report – to add custom-designed, beautiful email signatures to scoped emails; they are immediately returned securely using the same in-transit encryption to the originating service (e.g. Microsoft Office 365/Google Workspace) for final delivery,
Opensense is built on a hybrid cloud infrastructure that utilizes Tier 1, SOC 2 Type II service providers that are both geo- and vendor-redundant, including Google Cloud, Amazon Web Services, and Microsoft Azure along with bare metal servers at SOC 2 Type II compliant data centers such as OVH, Horizon (previously INAP), Hivelocity, and PhoenixNAP (see https://opensense.com/dpa for full list). By default, Opensense utilizes data centers distributed across the United States but also can optionally accommodate each customer’s data residency requirements in Europe, Asia, and Australia.
Opensense maintains a 99.9% uptime through the use of multiple vendors and multiple locations across the US (as well as globally). We monitor our services 24/7 for service degradation and failure using internal and external systems. We have stringent escalation procedures to notify our senior engineering staff immediately of any potential service impacts. Our unique infrastructure ensures high availability of all of our services through automatic failover, replication, and continuous monitoring of all aspects of our services. We monitor and analyze all service impact and outages to proactively adjust, update, and optimize the delivery of our services. Customers can also check the status of Opensense 24/7 at https://status.opensense.com.
In the unlikely event that Opensense encounters an outage, emails are queued in the customer’s email tenant and can be released without signatures by your email tenant administrator or they will be processed normally once Opensense’s services resume. Microsoft Add-In customers may not encounter any impact during service degradations depending on the implementation.
Yes. Opensense can be easily customized and scoped through rules established in your email tenant by your admin as well as in the Opensense portal by users designated by your Opensense administrator.
By default, Opensense processes standard public contact information as required by the customer’s email signature designs: this includes name, title, email address, department, etc. This information is owned by the Customer and is never shared with third-parties: our use of the data is governed by strict security and confidentiality provisions in our legal binding Master Services Agreement (which includes and incorporates our Data Protection Agreement). To protect your data, Opensense employs advanced 256-bit encryption to protect data at rest and in transit (using the latest TLS v1.3 protocols and requiring at least TLS v1.2). Access to all data within our organization is strictly controlled through strictly controlled access, multi factor authentication (MFA), role-based access controls (RBAC) and Least-Required-Access Privilege (LRAP) controls. continuous monitoring systems (IDS/IPS, SIEM, FIM, etc.) are in place to detect suspicious events and notify appropriate personnel of potential incidents and prevent unauthorized access or data mishandling. Access, business risk, and vendor audits along with weekly network/app monitoring as well as at least annual third-party SOC2 Type II audits, pen-tests, and code reviews ensure compliance as a required part of our robust security and compliance program.
Opensense ensures compliance with local and international privacy regulations by adhering to strict data protection guidelines outlined in our GDPR-compliant Data Protection Agreement located at https://opensense.com/dpa. In addition, we comply with and service all Data Subject Access Requests.
Yes, Opensense supports SSO via third-party systems such as Okta, MS Entra, Google Oauth, or other SAML 2.0 providers.
Our top priority is making Opensense secure and safe for all of our Customers. We investigate any and all reported security concerns with any of Opensense services or software. Please report security problems or questions to security@opensense.com