Skip to content

Security + Compliance

The Secure Platform Global Enterprises Trust

Rest easy knowing that OnRamp follows industry best practices for security, data protection, and compliance.

glenn-carstens-peters-npxXWgQ33ZQ-unsplash
Security and compliance is at the forefront of everything we do at OnRamp. In fact, security runs in our DNA, with several of our engineering team members hailing from backgrounds building software for the world’s largest banks, as well as leading healthcare and fintech companies.
62746e0a083c6b0e918e1966_OnRamp Certifications

OnRamp Certifications

Our practices are audited on an ongoing basis by third party assessors according to the most rigorous industry standards. Hundreds of daily automated tests ensure that the application and security practices are always in compliance.

  • SOC 2 Type 2 Certified
  • GDPR Compliant
  • CCPA Compliant
  • HIPAA Compliant
 
 

Infrastructure security

OnRamp is exclusively hosted on AWS. OnRamp inherits the control environment AWS maintains and demonstrates via SSAE-16 SOC 1, 2 & 3, ISO 27001, and additional certifications. In addition, OnRamp has deployed a 24/7 intrusion detection system that sits on-top of AWS with daily manual log reviews. All data is encrypted both in motion and at rest.

  • Hosted on a leading cloud infrastructure provider (AWS)
  • Network and Perimeter Protection
  • 99.9% Uptime
6229c024f02d269008e378bc_Infrastructure security
6229c0248ffb26732e031e10_Customer data protection

Customer data protection

The protection of your data is critical to your business, your customers, and your employees. OnRamp utilizes best-in-class practices (assessed by third party auditors) to keep it safe and give you the assurance you require.

  • Logical Tenant Separation
  • Encryption In-Transit (TLS 1.2, TLS 1.3)
  • Encryption At-Rest (AES-256)
  • Self-Hosted Data Storage Availability

Application protection

OnRamp follows a Test-Driven Development (TDD) software development process including both multi-party manual and automated security checks based on OWASP application security principles. Application security controls include: defense in depth, positive security model, fail securely, run with least privilege, intrusion detection, amongst others.

  • Web Application Firewall (WAF)
  • Distributed Denial of Service (DDoS) Protections
  • Regular Vulnerability Scanning
  • Annual Penetration Testing
6229c0243c9fc245d6c6f1b8_Application protection
6229c024dbd31b670ef6e21d_Organizational security

Organizational security

OnRamp has dedicated security personnel who have responsibility for security across the OnRamp organization. All OnRamp employees undergo background checks along with initial and ongoing security training and testing. All access is two-factor authentication controlled, logged, and run with least privilege controls.

  • Security Education & Awareness Training
  • 24/7 Monitoring and Incident Response
  • Vendor Risk Management

.

Compliance & privacy

Our practices are audited on an ongoing basis by third party assessors according to the most rigorous industry standards. Hundreds of daily automated tests ensure that the application and security practices are always in compliance.

  • SOC 2 Type 2 Certified
  • GDPR Compliant
  • CCPA Compliant
  • HIPAA Compliant
62746e66528a36d006e5ad4e_Compliance & privacy

Popular Features

 

622575d312039c7ffe399afd_certificate-1

Standard SSL Certificate

Secure your content data with standard SSL on all OnRamp pages.

 

622575d4d8c9b85acaf2a4c0_whitelist-1

Protected Portal

Your Customer Portal requires secure authentication against an email whitelist you control.

622575d3567197233253b3eb_file storage-1

Self-hosted file storage options

Opt to persist your files on your own SFTP server or Amazon S3 Bucket.

622575d3d678a5520ad15d42_SSO-1

Single sign-on
(SSO) credentials

Let users sign into OnRamp using single sign-on credentials.

 

622575d3b2da9986c9fb517e_domain-1

Custom Domain Security Settings

Allow your IT teams to manage the security requirements of your Customer Portal.

622575d49a559c750abaef73_audit-1

Audit Logs

Access audit trails of all activity conducted my members of your organization.

 

GET A PERSONALIZED DEMO

Ready to see OnRamp in action?

Our team will walk you through OnRamp's customer-facing portal and internal platform in a 30-minute demo.