Our platform is designed to prioritize the security of customer data. Encryption and isolation are used to keep data and credentials secure, and systems are strictly access-controlled on the basis of least privilege. Penetration testing and vulnerability scanning are used to proactively identify and close vulnerabilities.
Our hiring and training processes emphasize data security as our most important job.
Our security program implements rigorous controls to protect customer data, including personnel background checks and regular security training.
Our team is committed to maintaining the compliance needed by our customers. This includes annual SOC 2 Type II audits and meeting the standards of the General Data Protection Regulation (GDPR), California Privacy Rights Act (CCPA), and Health Insurance Portability and Accountability Act (HIPAA).
Modern analytics with robust security features
Governed data model
Control access to data on the view (table) and field (column) level
Row-based filtering based on user permissions
Model change management
Powerful security administration
Granular permission roles
Permissions on the user and group level
User attribute-based access control for flexible data permissions
Secure data connectivity and processing
Data connections are encrypted
Tunneled connections to securely access data in private networks
Data stays encrypted inside the Omni platform
One secure platform for all your data needs
Learn more about our security practices
Data & infrastructure security
Omni's platform is securely hosted within Amazon Web Services (AWS), US-East and EU-West regions that have on-site security personnel, extensive camera surveillance, and a suite of other security protocols.
All customer data stored on Omni is encrypted using the industry-standard AES-256 encryption protocol. Data in transit to or from Omni’s services is safeguarded using TLS or equivalent encryption technologies, ensuring end-to-end data protection.
User access is managed through centralized authentication and provisioning and rigorously enforced two-factor authentication (2FA). Our approach ensures that only authorized personnel can access sensitive information, bolstering our defense against unauthorized access.
Network security & system monitoring
Omni maintains stringent control over access to critical data and systems. Every access event is logged and our systems are continuously monitored. Any unusual activity is promptly identified and addressed.
Formal security policy
Omni maintains a robust security culture, anchored by a comprehensive set of security policies. These policies are continually reviewed and updated to adapt to the evolving security landscape. All employees are provided with these materials as part of their training, ensuring that our team is well-versed in our security protocols and best practices.
Onboarding & offboarding process
The security of our operations begins with our people. Each new team member undergoes a thorough background check as a precondition of employment. Additionally, all employees are required to complete an annual security training course, reinforcing our commitment to maintaining a vigilant and informed workforce.
We manage the access rights of departing employees meticulously. Using a centralized identity provider (IdP) we ensure immediate and comprehensive revocation of access to company devices and applications.
To proactively identify and address potential vulnerabilities, Omni engages in regular penetration testing conducted by reputable security firms.
Authentication activities are meticulously logged and audited. We employ a variety of tools to scrutinize the libraries used in our application for known vulnerabilities. Additionally, we consistently monitor the health and activity metrics of our production environment, ensuring robust performance and security at all times.
Our development process adheres to a rigorous Systems Development Life Cycle (SDLC), with a strong emphasis on security and efficiency. Utilizing GitHub, we ensure that every change to our system is thoroughly peer-reviewed and rigorously tested prior to deployment in our production environment.
Third-party vendor security
Omni extends our security principles to our network of third-party vendors. We have implemented a comprehensive process to ensure that all our sub-processors adhere to our stringent data protection and security standards.
Contact our team
Omni follows strict privacy laws and security standards to help keep our customers safe. If you’d like to learn more or request access to audit reports or other security documentation, please contact your account team or firstname.lastname@example.org.