Onedot employs a data centre and network architecture purposely built to satisfy even the most security-sensitive organisations in the world.
To keep your data safe during transit and in storage we use secure protocols (HTTPS) for all access points and an OAuth2-based Identity Management Server with enterprise-grade authentication and authorisation features.
All the files you upload are stored using strong server-side encryption using the AES256 algorithm. Each file is encrypted with a unique key and as an additional safeguard, that key is also encrypted with a rotating master key.
Once your data has been encrypted, it can no longer be read by unauthorised users even if they gain access to the underlying files.
Working with the global leader in cloud computing, Onedot’s cloud infrastructure has achieved certifications for a number of international standards, including ISO 27001, ISO 27017 and ISO 27018.
We also maintain security protocols to ensure organisations remain compliant with the EU Data Protection Directive and the Model Clauses.
HOW IS MY COMPANY’S DATA STORED?
Your data is stored in Onedot’s secure cloud environment. Using the cloud enables us to provide you with a reliable and scalable platform that can handle all your data requirements without compromising on flexibility and security.
Since we don’t manage physical servers or storage devices, we are able to focus on monitoring and proactively protecting the flow of information. We perform regular and automated scans of our environment and have a system in place to prevent and detect brute force access attempts.
We also employ extensive network and security monitoring systems. In addition, each component of our infrastructure is continuously scanned and tested.
WHAT DOES ONEDOT DO WITH THE DATA?
Onedot acquires no rights, title or interest in any data you upload. Data is only used to the limited extent we need to perform the services you’ve requested. Upon termination or expiration of our service agreement, your data will be irretrievably deleted and destroyed within 30 days.
WHO CAN ACCESS THE DATA?
Access to your data is only granted to a small number of Onedot engineers so they can perform the work you need. Non-essential personnel, such as support staff and technical administrators can never access the entire data set or make copies.
WHERE IS YOUR DATA HELD?
We do not disclose the location of our data centres which are under 24/7 security surveillance. These data centres are located in several geographies across multiple availability regions in order to maximise security and resiliency against system outages.
This means that in the event of a natural disaster or system failure, we have sufficient capacity to keep everything running through the remaining data centres – giving you continuous access to your data.
We will always do our best to keep your data safe. If you have more questions about Onedot’s security as well as our policies, procedures and processes, please email us at firstname.lastname@example.org.