Service Status
Available
Available
Release Notes
Release June 17, 2025
Release May 22, 2025
Release May 9, 2025
Security Practices
Onda is committed to the protection of our customers data and strives to maintain SOC 2 Type II and ISO 27001 compliance.
Data Protection
Encryption at rest
All data containing customer information is stored encrypted in our cloud environment. We choose the services we use based on their ability to support this feature.
Data in transit
All data is transfered between services and to clients using TLS 1.2 or higher. This ensures safety in trasit and prevents snooping. Our TLS keys are managed by our cloud provider and deployed automatically by our infrastructure automation.
Key management
We do not store any of our services keys or secrets in plain text. These are all managed by our cloud providers secret management store, which not only protects the keys from access but also provides an audit of change and access to the keys.
Security testing
Pentesting
We engage with reputable third parties to perform penetration testing of our services to ensure we have followed safe and secure development and deployment practices.
Vulnerability management
Our software delivery and deployment lifecycle encorporates veulnerability scanning and management automatically. Any change to our system results in an automated scan, which produces work items to mitigate any detected vulnerabilites. These are treated as high priorty items over features.