Comprehensive Security Maintained by Audited Physical, Technical and Administrative Measures.

Physical Security

Physical Security

OnRamp embodies a culture rooted in security. We wrap our processes, our systems, and our people around the most comprehensive and advanced technology in the industry to ensure the confidentiality, availability and integrity of our customers’ computing infrastructure and sensitive data.

Logical Security

Logical Security

Multiple layers of security are employed for OnRamp’s managed infrastructure and network, including advanced monitoring software, intrusion detection systems, regular risk and vulnerability assessments, firewalls and other network devices.

OnRamp Compliant Hosting Processes

We’re Your Collaborative Partner to Ensure Compliance Every Step of the Way.

Protecting the confidentiality, availability and integrity of sensitive data requires the coordination of everyone involved in the acquisition, deployment, maintenance and disposal of IT systems used to store and manipulate the data. OnRamp uses a variety of Compliant Hosting Processes (below) to ensure that our interaction with your sensitive data occurs in an auditable, compliant fashion.

  • Systems Development Life Cycle: OnRamp maintains a Systems Development Life Cycle process that governs the acquisition, deployment, maintenance and disposal of equipment exposed to sensitive data.
  • Media Sanitization: OnRamp enforces a strict Media Sanitization Policy that is compliant with NIST standards for appropriately rendering storage media unreadable and unrecoverable.
  • Risk Analysis: OnRamp regularly analyzes its own policies, processes and procedures to ensure that threats and vulnerabilities are identified and appropriately addressed.
  • Breach Notification Procedures: OnRamp regularly trains all personnel on the procedures to notify customers in the event a security breach occurs with their infrastructure.
  • Safe Harbor Analysis: OnRamp assists customers in determining how to appropriately protect data at rest and data on the fly to qualify for “safe harbors” which exist in regulatory law for breach notification.

Physical Security Overview

The Most Advanced Technology in the Industry to Ensure the Protection of Sensitive Data.

As SSAE 16 SOC II, PCI and HIPAA facilities, OnRamp’s Data Centers are regularly scrutinized on their physical security by third party experts. Physical security starts outside of the walls of our Data Centers. Signage on public facing building frontage is kept to a functional minimum, and OnRamp’s facilities are under surveillance 24/7/365.

Physical security in OnRamp’s Data Centers is deployed in “security envelopes” with all critical areas including data halls, NOCs and critical systems, accessed only by two-factor authentication, using a combination of card keys and biometric scanners. Visitors are authenticated in bullet proof mantraps, a process in which OnRamp personnel match photo ID with records of authorized access lists. All visitors are escorted by a member of the OnRamp NOC staff to their equipment. Once inside our facilities, visitors are monitored at all times by over 30 cameras which stream to hard drives in the NOC. OnRamp maintains at least 90 days of video as part of our external audits and certification processes. And, OnRamp’s Building Management Systems monitor several different critical facilities inputs.

Data Center Security

  • SSAE16 SOC  II Audited Facilities
  • Focus on HIPAA, PCI and High Security Hosting
  • All OnRamp Facilities Staffed 24/7/365
  • Comprehensive, PCI Compliant Video Surveillance
  • Bulletproof Mantraps Used for Entry Authentication
  • Physical Perimeter Protected by Two Factor Authentication

Logical Security Overview

The Most Advanced Technology in the Industry to Ensure the Protection of Sensitive Data.

OnRamp operates multiple layers of logical security to ensure that our customers’ infrastructure, applications and sensitive data are secure. All of OnRamp’s systems are monitored 24/7 and activities logged according to stringent controls which are audited by third parties.

Take Virtual Data Center Tour

ldr-icn_data-center-vid2-gray

  • Multi-Layered Defense
  • Stringent Authentication and Change Management Processes
  • Advanced Monitoring for Malicious Activity
  • Regular Risk and Vulnerability Assessments
  • Firewalls, VPNs, Intrusion Detection, DDOS Mitigation Services
  • Proprietary 3-Step Process to Assess and Remediate Customer Risk
  • All Operations Logged and Audited by Outside Auditors to Industry Standards