Maintain Compliance and Meet Regulatory Standards Through Our Secure Hosting



Achieve the highest levels of security set forth by government, education and financial regulatory requirements for FISMA, FERPA, FACTA, GLB and SOX.



Implement compliant, secure solutions with a partner that works with you to ensure that they incorporate the context of your specific business needs.



Meet stringent data privacy standards with OnRamp’s comprehensive, secure hosting solutions that address the confidentiality, availability and integrity of sensitive data.

Compliant, Secure Hosting Overview

Reduce Risk with Compliant Solutions Maintained and Audited with Stringent Physical, Technical and Administrative Measures.

OnRamp provides the most reliable and secure hosting solutions for organizations with specific regulatory requirements concerning their IT environments. Industries that maintain mission critical or highly personal data are often required to take specific steps to protect the confidentiality, availability and integrity of their data operations. More than simply needing a reliable facility or set of technology infrastructure to conduct operations, these customers need a partner that has developed fully-compliant products and operational processes that maintain compliancy and delivers service in an easily auditable fashion.

In addition to HIPAA and PCI Compliant Hosting solutions, OnRamp’s High Security Hosting is used by companies needing to comply with the following regulatory frameworks:

Gramm Leach Bliley Act

GLBA Hosting for Financial Institutions.

OnRamp works with customers to meet GLBA Data Protection Rule and subsequent safeguards to:

  • Ensure the security and confidentiality of customer records and information
  • Protect against any anticipated threats or hazards to the security or integrity of such records
  • Protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer

The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Modernization Act of 1999, requires financial institutions to take steps to ensure the security and confidentiality of customer records such as names, addresses, phone numbers, bank and credit card account numbers, income and credit histories, and social security numbers. The GLB Act specifies that, to ensure the security and confidentiality of customer records and information, organizations must establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical and physical safeguards.

GLBA Compliance


SOX Compliant Hosting for Publicly Held Companies

OnRamp specializes in helping to ensure compliance for companies that need to meet Sarbanes-Oxley compliance standards. The Sarbanes-Oxley (SOX) Act of 2002 requires that publicly held companies implement adequate controls to safeguard financial data, operations, and assets.

SOX sets requirements in terms of data protection, vulnerability testing, and auditing data integrity. SOX not only affects the financial side of corporations, but also IT departments charged with storing a corporation’s electronic records. The act is not a set of business practices and does not specify how a business should store records; rather, it defines which records should be stored and for how long.

SOX states that all business records, including electronic records and electronic messages, must be saved for “not less than five years.” The consequences for noncompliance are fines, imprisonment or both.

Section 802 of Sarbanes-Oxley contains the three rules that affect the management of electronic records. The first rule deals with the destruction, alteration or falsification of records, and the resulting penalties. The second rule defines the retention period for records storage. The third rule refers to the type of business records that need to be stored, including all business records and communications, including electronic communications.

Sarbanes-Oxley Compliance

The Fair and Accurate Credit Transaction Act

FACTA Hosting for Financial Institutions and Creditors.

OnRamp’s FACTA Compliance Hosting solutions employ compliance-critical hardware and a suite of managed security services to deliver the highest levels of proactive detection and protection to ensure the confidentiality, availability and integrity of your data.

The Fair and Accurate Credit Transaction Act (FACTA) of 2003 requires any business that extends credit to consumers to protect those consumers from identity theft. The Act stipulates requirements for information privacy, accuracy and disposal and limits the ways consumer information can be shared.

The Fair and Accurate Credit Transaction Act

The Family Educational Rights and Privacy Act

FERPA Hosting for Educational Agencies

With deep experience in helping companies across industry verticals, where the protection of critical, sensitive data is required, OnRamp has the most secure Compliance Hosting solutions to meet FERPA’s rules and regulations associated with protecting PII.

The Family Educational Rights and Privacy Act (FERPA) of 1974 is a U.S. privacy law designed to protect student records, including personally identifiable information (PII) with administrative, physical and technical safeguards.

FERPA allows for educational agencies and institutions to use third-party cloud and/or IT infrastructure providers, like OnRamp, for the outsourcing of information technology functions including the storage of education records.

FERPA Hosting for Educational Agencies

The Federal Information Security Management Act

FISMA Hosting for Government Agencies

OnRamp complies with the technical and operational controls issued by the National Institute of Standards and Technology (NIST) that meets the framework defined by FISMA.

The Federal Information Security Management Act (FISMA), enacted in 2002, recognized the importance of information security to the economic and national security interests of the United States. FISMA requires each federal agency to develop, document and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor or other source.

FISMA assigns specific responsibilities to federal agencies, the National Institute of Standards and Technology (NIST) and the Office of Management and Budget (OMB) in order to strengthen information security systems. In particular, FISMA requires the head of each agency to implement policies and procedures to cost-effectively reduce information technology security risks to an acceptable level.

According to FISMA, the term information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide integrity, confidentiality and availability. The FISMA security framework provides the common standards agencies require to outsource critical applications to external data centers.

FISMA Hosting for Government Agencies