man developing workflow on tablet
Cloud computing security

We hold ourselves & our vendors to the highest standards

As the only true multi-tenant SaaS provider in the industry, security and compliance is paramount at Origami Risk, and our rigorous standards show for it. Our servers are housed in the Amazon Web Services (AWS) Elastic Cloud environment, which are operated on the highest standards in data security.

Security compliance

Our compliance standard & promise

Origami Risk maintains compliance with the following standards, certified by third-parties, attesting to our commitment to provide world-class security:

  • SSAE 18 SOC 1 Type II & SOC 2 Type II
  • FISMA moderate system authorization & accreditation
  • HIPAA NIST 800-53 security rule
  • EU General Data Protection Regulation (GDPR)
woman managing documents on laptop

Ensuring application security

We utilize real-time intrusion detection and prevention tools, penetration testing, and data encryption to help protect the security of client data at all times.

 

icon-product-19

Penetration testing

We conduct regular testing to help ensure that our defenses are sufficiently keeping up with current-day vulnerabilities that could be exploited.

icon-product-31

Vulnerability assessment

Origami Risk uses state-of-the-art tools to regularly perform scans for vulnerabilities within our information system and client applications.

icon-product-36

SSO & user security

Our role-based security provides clients the ability to easily manage their users’ access and capabilities down to the field level and can accommodate Single Sign-On authentication.

icon-product-11

Encryption

All data is encrypted in transit and at rest, databases use file-level encryption, and web traffic is encrypted using Transport Layer Security (TLS), all within our AWS Elastic Cloud environment.

icon-product-28

Intrusion detection & prevention

We utilize tools to establish a security perimeter that provides us with real-time alerts of suspicious activities and traffic that are indications of an active or attempted compromise.

icon-product-3

DNS security extensions

Origami’s public/private key cryptography creates a chain of trust and provides validation that ensures users are connecting to the correct domain no matter their location.

Thinking about making the switch? We are all ears.

Get all the answers you need about converting to Origami Risk.