Security and Privacy

At Optima Compass Group, we are committed to maintaining the highest standards of security to protect our users’ data.

Optima’s Security team establishes policies and controls and monitors compliance with those controls to ensure that your data is protected at all times.

Our Security Policies are based on the foundational tenets of information security: confidentiality, integrity and availability. Every element of our information security program has been designed to implement one or more of these principles.

How we do it

Data Protection

Data at rest

Customer data is protected at rest through a multi-layered security approach that includes encryption, access controls, and monitoring. All data in our Google Cloud Infrastructure is automatically encrypted at rest using strong encryption standards, such as AES-256.

Data in transit

All Google Cloud virtual networking traffic is encrypted by default using TLS. Data that travels over the open internet is protected using several mechanisms, including HTTPS, SSL/TLS, SSH and VPN, all of which use encryption to protect data and credentials. Moreover, server TLS keys and certificates are managed by Google Cloud and deployed via Application Load Balancers.

Secret management

We use Google Cloud Secret Manager, a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data. Secret Manager provides a central place and single source of truth to manage, access, and audit secrets across our Google Cloud infrastructure.

Product Security

Penetration Testing

We conduct penetration tests on a regular basis and whenever significant changes are made to our infrastructure or applications. Findings from these tests are used to enhance our security posture continuously. We also stay updated with the latest security threats and trends to ensure our defenses remain robust.  Penetration testing reports are available to our customers upon request.

Vulnerability Scanning

Optima Compass Group requires vulnerability scanning at key stages of our Secure Development Lifecycle (SDLC). All software applications and changes are run through a series of security vulnerability scans, at both the package level and the Docker image level. The package vulnerability scan ensures that all custom software and underlying dependencies used are free from vulnerabilities. Docker image scans ensure that all applications installed in the runtime environment contain no vulnerabilities. Similarly, we continuously monitor the packages and images to ensure no new vulnerabilities have been discovered.

Enterprise Security

Endpoint protection

All employee devices are centrally managed and are equipped with mobile device management software and anti-malware protection. We use MDM software to enforce secure configuration of endpoints, such as disk encryption, screen lock configuration, and software updates.

Security education

Optima Compass Group provides comprehensive security training to all employees upon onboarding and annually through educational modules. In addition to that, all new employees attend a mandatory session centered around key security principles. All new engineers also attend a mandatory session focused on secure coding principles and practices.

Secure remote access

Optima Compass Group uses OpenVPN, a secure, reliable, and flexible solution for remote access, to protect sensitive data and ensure that remote connections are secure. It ensures the confidentiality, integrity, and authenticity of data transmitted over the internet.

Data privacy

At Optima Compass Group, data privacy is a first-class priority—we strive to be trustworthy stewards of all sensitive data. You can find our Data Privacy Policy  [here]