logo

Service Status

Navigator status

Available

Portal status

Available

Release Notes

Release June 17, 2025

  • Notification toast added for Bound status in Portal

Release May 22, 2025

  • £50k Cyber Crim sublimit added in UK Portal
  • Discovered Suppliers widget added to Navigator

Release May 9, 2025

  • New pricing model that allows more deductible and limit options
  • Improved status notifications during bind process

Security Practices

Onda is committed to the protection of our customers data and strives to maintain SOC 2 Type II and ISO 27001 compliance.

Data Protection

shield_locked

Encryption at rest

All data containing customer information is stored encrypted in our cloud environment. We choose the services we use based on their ability to support this feature.

multiple_stop

Data in transit

All data is transfered between services and to clients using TLS 1.2 or higher. This ensures safety in trasit and prevents snooping. Our TLS keys are managed by our cloud provider and deployed automatically by our infrastructure automation.

key_vertical

Key management

We do not store any of our services keys or secrets in plain text. These are all managed by our cloud providers secret management store, which not only protects the keys from access but also provides an audit of change and access to the keys.

Security testing

assignment_turned_in

Pentesting

We engage with reputable third parties to perform penetration testing of our services to ensure we have followed safe and secure development and deployment practices.

security

Vulnerability management

Our software delivery and deployment lifecycle encorporates veulnerability scanning and management automatically. Any change to our system results in an automated scan, which produces work items to mitigate any detected vulnerabilites. These are treated as high priorty items over features.