OMNIDEK has privacy and security-conscious policies that apply to all of our information handling practices.
- Contractual Privacy Protection for Customers
- OMNIDEK’s contracts include confidentiality provisions that prohibit us from disclosing customer confidential information, including customer data, except under certain narrowly defined circumstances, such as when required by law.
- OMNIDEK agrees not to access customer’s accounts, including customer data, except to maintain the service, prevent or respond to technical or service problems, at a customer’s request in connection with a customer support issue, or where required by law.
- Code of Conduct, Confidentiality Agreements, and Information Security Policies
- Every Omnidek employee and contractor must follow Omnidek ‘s code of conduct, sign confidentiality agreements, and follow Omnidek ‘s information security policies.
- Privacy Statement
- For information collected on Omnidek’s Web site, Omnidek provides assurances around the types of information collected, how that information may be used, and how that information may be shared.
- OMNIDEK offers individuals the opportunity to manage their receipt of marketing and other non-transactional communications.
- OMNIDEK offers individuals the opportunity to update or change the information they provide.
OMNIDEK ‘s comprehensive privacy and security program includes communicating with personnel and customers about current issues and best practices.
- Internal Training and Communications for OMNIDEK Personnel
OMNIDEK regularly communicates with our personnel about our obligation to safeguard confidential information, including customer data and personal information.
- OMNIDEK provides classroom training around confidentiality, privacy, and information security for all new employees during its new hire orientation.
- All Omnidek personnel are required to complete an annual privacy and security training and are tested on the materials presented.
- OMNIDEK communicates with all personnel about privacy and information security awareness through monthly newsletters.
- Customer End User Awareness
OMNIDEK strongly encourages all of our customers and users to adopt industry-standard solutions to secure and protect their authentication credentials, networks, servers, and computers from security attacks.
- We email end users about specific security issues when warranted
- Our professional services team provides consulting services to offer “best practices” for privacy and security in regards to Omnidek Users and Data.
OMNIDEK has multiple organizations, teams, and individuals responsible for security and security-related matters. The Chief Technology Partner is responsible for Omnidek’s security program and personnel, including information, product, and corporate security, enterprise risk management, and technology audit & compliance. The Chief Technology Partner also is responsible for Omnidek’s privacy program, including compliance with applicable privacy and data-protection laws. Additionally, all Omnidek personnel are required to follow Omnidek’s confidentiality, privacy, and information security policies
OMNIDEK maintains a comprehensive array of technical measures to protect the Omnidek service and offers a robust set of customer-controlled settings to further heighten privacy and security protection.
- Default Privacy and Security Features
- Application features that protect customer data:
- Customers passwords are not accessible by Omnidek personnel.
- Application logs record the creator, last updater, timestamps, and originating IP address for every record and transaction completed.
- Logical separation of customer data:
- Hardware and software configurations are designed to provide secure logical separations of customer data that permit each customer to view only its related information.
- Multitenant security controls include unique, non-predictable session tokens, configurable session timeout values, password policies, sharing rules, and user profiles.
- The Omnidek service supports delegated authentication.
- Network security measures:
- Multiple layers of external firewalls
- Intrusion-detection sensors
- Security event management system
- Continuous external vulnerability scanning
- Redundancy and Scalability
The Omnidek service is highly scalable and redundant, allowing for fluctuation in demand and expansion of users while greatly reducing the threat of long-term outages. Load-balanced networks, pools of application servers, and clustered databases are features of our design.
- Disaster Recovery
All customer data is stored in secure data centers and is replicated over secure links to a disaster recovery data center. This design provides the ability to rapidly restore the Omnidek service in the case of a catastrophic loss.
In addition to our disaster-recovery capabilities, customer data is also backed up to offsite backups.
- Application features that protect customer data:
- Customer-Controlled Privacy and Security Settings
- Customers may determine which of their respective designees can access different categories of data.
- Customers may define log-off times for inactivity.