Secure cloud analytics

Built by a team with years of experience — we know how to keep your data secure.

Platform security

Our platform is designed to prioritize the security of customer data. Encryption and isolation are used to keep data and credentials secure, and systems are strictly access-controlled on the basis of least privilege. Penetration testing and vulnerability scanning are used to proactively identify and close vulnerabilities.

Organization security

Our hiring and training processes emphasize data security as our most important job.

Our security program implements rigorous controls to protect customer data, including personnel background checks and regular security training.

Compliance

Our team is committed to maintaining the compliance needed by our customers. This includes annual SOC 2 Type II audits and meeting the standards of the General Data Protection Regulation (GDPR), California Privacy Rights Act (CCPA), and Health Insurance Portability and Accountability Act (HIPAA).

SOC 2
HIPAA
GDPR
CCPA

Modern analytics with robust security features

Governed data model

  • Control access to data on the view (table) and field (column) level

  • Row-based filtering based on user permissions

  • Model change management

Powerful security administration

  • Granular permission roles

  • Permissions on the user and group level

  • User attribute-based access control for flexible data permissions

  • SAML

Secure data connectivity and processing

  • Data connections are encrypted

  • Tunneled connections to securely access data in private networks

  • Data stays encrypted inside the Omni platform

One secure platform for all your data needs

 Learn more about our security practices

Data & infrastructure security

Infrastructure provider

Omni's platform is securely hosted within Amazon Web Services (AWS), US-East and EU-West regions that have on-site security personnel, extensive camera surveillance, and a suite of other security protocols.

Data encryption

All customer data stored on Omni is encrypted using the industry-standard AES-256 encryption protocol. Data in transit to or from Omni’s services is safeguarded using TLS or equivalent encryption technologies, ensuring end-to-end data protection.

Access control

User access is managed through centralized authentication and provisioning and rigorously enforced two-factor authentication (2FA). Our approach ensures that only authorized personnel can access sensitive information, bolstering our defense against unauthorized access.

Network security & system monitoring

Omni maintains stringent control over access to critical data and systems. Every access event is logged and our systems are continuously monitored. Any unusual activity is promptly identified and addressed.

Personnel security

Formal security policy

Omni maintains a robust security culture, anchored by a comprehensive set of security policies. These policies are continually reviewed and updated to adapt to the evolving security landscape. All employees are provided with these materials as part of their training, ensuring that our team is well-versed in our security protocols and best practices.

Onboarding & offboarding process

The security of our operations begins with our people. Each new team member undergoes a thorough background check as a precondition of employment. Additionally, all employees are required to complete an annual security training course, reinforcing our commitment to maintaining a vigilant and informed workforce.

We manage the access rights of departing employees meticulously. Using a centralized identity provider (IdP) we ensure immediate and comprehensive revocation of access to company devices and applications.

Development

Penetration Testing

To proactively identify and address potential vulnerabilities, Omni engages in regular penetration testing conducted by reputable security firms.

Application monitoring

Authentication activities are meticulously logged and audited. We employ a variety of tools to scrutinize the libraries used in our application for known vulnerabilities. Additionally, we consistently monitor the health and activity metrics of our production environment, ensuring robust performance and security at all times.

Change management

Our development process adheres to a rigorous Systems Development Life Cycle (SDLC), with a strong emphasis on security and efficiency. Utilizing GitHub, we ensure that every change to our system is thoroughly peer-reviewed and rigorously tested prior to deployment in our production environment.

Third-party vendor security

Omni extends our security principles to our network of third-party vendors. We have implemented a comprehensive process to ensure that all our sub-processors adhere to our stringent data protection and security standards.

Contact our team

Omni follows strict privacy laws and security standards to help keep our customers safe. If you’d like to learn more or request access to audit reports or other security documentation, please contact your account team or security@omni.co.

Ready to get started?