At Oveo, we are determined to prioritise security. Our infrastructure and the services running on it are designed to keep your data safe. We have a set of well-defined processes in place to ensure that all the data we collect is kept safe and managed in accordance with the GDPR.
Oveo believes strongly in transparency. As an Oveo customer, you have full insight into what we store, where we store it and how we manage it.
All data is encrypted both in transit and at rest. Database instances, including read replicas and backups, are encrypted using the industry-standard AES-256 encryption algorithm. TLS encryption is enforced for all data in transit. Our databases are hosted on Amazon cloud infrastructure, using Multi-AZ deployment for enhanced availability and durability. Only secure (HTTPS) access to the Oveo website and app is enabled. As such, all non-secure HTTP requests are redirected to the HTTPS endpoint before they can be served.
Oveo has implemented role-based access control to manage authorisation for resources. Each user is identified with a unique session, and the user's authorisation scope is defined by the role associated with the user. Organisation admin users can create and update roles, assign them to users, and get a full overview of which users have access to what.
Oveo uses the OpenID authentication protocol for user authentication and has integrated the Google and Microsoft identity providers.
Oveo uses MongoDB Cloud running on Amazon Web Services, and DigitalOcean for hosting and compute power. These service providers maintain and demonstrate SSAE-16 SOC 2 and ISO 27001 reports and certifications. Web servers and databases run on servers in secure data centers located only in Europe.
To maintain a robust disaster recovery strategy, Oveo uses MongoDB cloud backup services, which give us secure backups as well as quick recovery. We test our backup recovery regularly.