Security, Compliance & Data Protection
Your data is secure with Opensense.
Security Overview
Security starts with trust
We know your data is sensitive. That’s why we combine enterprise-grade security features with regular audits to ensure that you’re always protected.
compliance
We comply with global data protection and security frameworks.
SOC 2 Type II Certified
Opensense's SOC 2 Type II attestation covers the trust services categories of Security, Confidentiality, and Availability and is completed annually.
GDPR Compliance
We comply with GDPR as a data processor and manage the transfer data via Standard Contractual Clauses.
CCPA Compliance
We ensure policies, processes, and controls comply with CCPA requirements and have built CCPA employee notices directly into our software.
Data & infrastructure security
We're built to secure your most sensitive data.
Secure Infrastructure Provider
We host all of our data in physically secure, US-based, Tier 1 SOC 2 Type II data centers that include 24/7 on-site security, camera surveillance, and more.
Data Encryption in Transit & at Rest Process
All data sent to or from Opensense is encrypted using TLS (v1.2 or later), and all customer data is encrypted using 256-bit ciphers.
Data Redundancy and Resiliency
Opensense’s infrastructure has been designed to be highly available with redundancy and failover. All databases operate in a cluster configuration, and the application tier scales using load balancing technology that dynamically meets demand.
Strict Access Controls
Access to all Opensense’s systems is managed through its portal which manages, user provisioning, SSO (via third-party such as Okta, Oauth, or other SAML 2.0 providers), enforces domain-based policy and logs all activity.
Server Security & Monitoring
All servers are configured using a documented set of security guidelines and images are managed centrally. All servers are monitored 24/7 for security and resource usage.
PERSONNEL SECURITY
We hold our employees to the highest standard.
Formal Security Policies & Incident Response Plan
Opensense maintains a set of comprehensive security polices that are kept up-to-date to meet the changing security environment. These materials are made available to all employees.
Strict User Access
Every new hire must pass a thorough background check as well as an InfoSec training course once a year. We disable departing employee’s devices, apps, and access during off-boarding.
Continuous Security Training
The Opensense Security Team provides continuous education on emerging security threats, performs phishing awareness campaigns, and communicates with employees regularly.
Office Security
Opensense manages visitors, office access, and overall office security via a formal office security program.
APP & DEVELOPMENT
Our developers keep
security top of mind.
Secure Infrastructure Provider
We host all of our data in physically secure, US-based SOC 2 Type II data centers that includes state of the art security, including 24/7 on-site security, camera surveillance, and more.
Data Encryption
All data sent to or from Opensense is encrypted using TLS (v1.2 and later) and all customer data is encrypted using 256-bit ciphers.
Data Redundancy & Resiliency
Opensense’s infrastructure has been designed to be highly available with redundancy and failover. All databases operate in a cluster configuration and the application scales using load balancing technology that dynamically meets demand.
Strict Access Controls
Access to all Opensense’s systems is managed and logged centrally for automated user provisioning, and multi-factor authentication.
Server Security & Monitoring
All servers are configured using a documented set of security guidelines and images are managed centrally. Changes to the company’s infrastructure are tracked, and security events are logged appropriately.
