Security at Origami Risk is paramount. Origami Risk utilizes real-time intrusion detection and prevention tools, penetration testing, and data encryption to help protect the security of client data at all times. In addition, Origami Risk maintains compliance with rigorous SOC 1 Type II, SOC 2 Type II, and NIST 800-53 security controls and has joined the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework.
With a web application such as Origami Risk, there are a number of fronts that must be managed in order to help ensure that data is secure. One of the major focuses for Origami Risk is within the application itself. Origami Risk takes a number of steps to help ensure application security, including:
Origami Risk’s servers are housed in the Amazon Web Services Elastic Cloud environment. Amazon Web Services Elastic Cloud maintains several data centers with the highest standards in data security. Amazon Web Services Elastic Cloud data centers are housed in nondescript facilities that have extensive setback and military grade perimeter control berms, as well as other natural boundary protection. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security standards utilizing video surveillance, state-of-the-art intrusion detection systems, and other electronic means. Authorized personnel must pass two-factor authentication no fewer than three times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff. Amazon also provides environmental controls in its data centers to assure the proper working condition of its systems, including fire prevention/suppression, power management, and temperature controls. Origami Risk utilizes Amazon regions that are confined to the United States. Data maintained by Origami Risk is kept in these regions and will not be moved to offshore regions. More details can be found at http://aws.amazon.com/security/.
Origami Risk maintains compliance with the following standards, attesting to our commitment to provide world-class security: