Overbond uses a secure, durable technology infrastructure with industry-recognized certifications and audits: ISO 27001, FISMA Moderate, and SOC and SOC 2 audit reports. Even some of the most data-sensitive governmental departments have data in the cloud. The cloud allows them to maintain their compliance requirements with ease.
Overbond’s cloud infrastructure ensures highest availability and performance with multiple Availability Zones and data centres within each Amazon Web Services Region. Availability Zones are connected to each other with fast, private, fiber-optic networking, enabling Overbond to architect applications that automatically fail-over between Availability Zones all without interruptions.
Overbond’s cloud infrastructure uses built-in antivirus and anti-malware detection on all environments using industry certified tools to ensure a stable environment. Overbond's systems are designed with defined and isolated user permission settings while logical data isolation ensures all data remains accessible only to intended permission holders. Amazon Web Services provides technologies such as auto scaling, Amazon CloudFront and Amazon Route 53 to mitigate Distributed Denial of Service attacks.
Overbond's platform employs multiple enterprise level software development processes, including rigorous code-level inspection of all software delivered to our clients. In doing so, we ensure that Overbond is secure and adheres to rules and regulations in every jurisdiction where we operate. Overbond enforces complex password policy to ensure extra layers of security. All passwords are stored in hashed formats and never stored in clear text. Failed user authentication attempts will be monitored and may trigger user account lockout and/or investigation.
Overbond ensures user verification by limiting organization account access to be initiated only by Overbond’s security personnel. In addition, individual user account permission is granted only by authorized organization user(s). All new user requests are subject to a review process and are monitored by Overbond’s security team.
All data generated through the application is encrypted using industry leading techniques: built-in encryption, the connection uses TLS 1.2., encrypted and authenticated using AES_128_GCM and uses ECDHE_RSA as the key exchange mechanism. Secure Sockets Layer (SSL) and hardware-based cryptographic key storage.
All sensitive data is encrypted and stored offsite with access restricted by firewalls and access policies. Access to the data by personnel is monitored, auditable and is secured through multi-factor authentication and enforced by roles. Overbond’s support and security personnel go through thorough background checks.