Choose a Data Center With Robust Security Measures and Proven Compliance Methods.
Compliance and Security is in Our DNA
When you handle sensitive data, you need a data center partner with a reputation for meeting the most rigorous compliance and security requirements. OnRamp uses industry best practices and participates in regular third-party audits, such as HITRUST CSF, to ensure optimal data center performance.
SSAE 16 / AICPA SOC 2, Type 2 and SOC 3 Certified
A Rigorous Audit Standard for IT Processes and Policies.
The Statement on Standards for Attestation Engagements no. 16 (SSAE 16) is the new “attest” standard put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants. Formerly known as “SAS 70,” an SSAE 16 audit includes controls over information technology and related processes, policies, and procedures, including operational activities. As an SSAE 16 / AICPA SOC 2 Type 2 and SOC 3 certified company, OnRamp has met or exceeded standards for:
- Logical and Physical Access
- Security of Environment and Information
- Secure Storage
Data Center Compliance Solutions
As HIPAA experts, OnRamp developed systems, tools, and procedures to help you tightly integrate our products and services with your own assets and procedures. Our goal is to eliminate the gaps in protection that might otherwise occur.
As your trusted partner in the HIPAA implementation process, OnRamp works with you to design, implement, and secure your systems and applications. Our team acts as your subject matter expert on HIPAA requirements, allowing you to focus on the day-to-day responsibilities of your core business.
EU-U.S. Privacy Shield Hosting
Data privacy has no boundaries. The EU-U.S. Privacy Shield offers standardized requirements for data transfers across the EU and Switzerland to protect sensitive information.
- Onward Transfer (Transfers to Third Parties)
- Data Integrity
Data Center Security Features
We Use the Most Advanced Technology in the Industry to Ensure the Protection of Your Data.
As an SSAE 16 / AICPA SOC 2 Type 2 certified, PCI and HIPAA compliant company, OnRamp understands the importance of employing security best practices in the data center.
- Minimal public signage
- 24/7/365 staffing and PCI-compliant video surveillance—OnRamp maintains at least 90 days of video as part of our external audits and certification processes
- Two-factor authentication, using a combination of card key and biometric scanner
- Bulletproof mantraps for visitor authentication, where photo IDs are matched to authorized visitor lists
- Escorts for all visitors
Multiple Layers Protect Our Data Centers’ Managed Infrastructure and Network.
To secure your data, OnRamp employs multiple layers of data encryption (in motion and at rest), intrusion detection, two-factor authentication, firewalls, advanced monitoring software, and regular risk and vulnerability assessments.
All of OnRamp’s systems are monitored 24/7, and we log every activity according to stringent controls which are audited by third parties. OnRamp uses a variety of compliant hosting processes to ensure that our interaction with your sensitive data occurs in an auditable, compliant fashion:
Systems Development Life Cycle
This process governs the acquisition, deployment, maintenance, and disposal of equipment exposed to sensitive data.
OnRamp’s strict policy complies with NIST standards for appropriately rendering storage media unreadable and unrecoverable.
OnRamp regularly analyzes its own policies, processes, and procedures to ensure that threats and vulnerabilities are identified and appropriately addressed.
Breach Notification Procedures
OnRamp regularly trains all personnel on how to notify customers in the event a security breach occurs.
Safe Harbor Analysis
OnRamp assists customers in determining how to appropriately protect data at rest and data on the fly, to comply with regulatory laws regarding breach notification.