Security Organizational Commitment

Our Commitment to Security

Protecting the privacy of our customer’s strategic marketing data is our highest priority, and we have many security technologies and best practices in place to ensure high levels of privacy.

  • Comprehensive risk management framework to identify, analyze, and mitigate risks
  • Information security program staffed with highly experienced security experts
  • Organization-wide security policies that govern all company departments
  • Employees undergo 3rd-party background checks and complete annual security training
  • All suppliers and partners are vetted to ensure commitment to our security policies
  • Practices related to information security and privacy meet regulatory standards

Highly Secure Cloud Platform

Our customers benefit from Amazon AWS data center, network architecture, and backup services that are built to meet the requirements of the most security-sensitive organizations. Origami carefully deploys the latest safeguards and mechanisms offered by AWS to protect customer privacy, including:

  • Strong authentication required to access management interfaces
  • Restricted access to the production environment
  • Separation of the production environment and test infrastructure
  • Real-time monitoring
  • Architecture built redundantly across availability zones for the same functions

Continuous Validation and Third-Party Certifications

Third-Party Security Certifications

The Origami Logic platform regularly undergoes rigorous vulnerability scans and penetration tests and has received the following security certifications from independent standards bodies.

  • ISO/IEC 27001
  • TRUSTe Privacy Certification
  • The European Union (EU)-United States (U.S.) Privacy Shield Framework

Additionally, our data center partners are ISO 27001, ISO 27017, SOC 1, SOC 2 and SOC 3 compliant.

Continuous Validation and Third-Party Certifications

State-of-the-Art Safeguards

We deliver results to our customers securely through the use of:

  • Firewalls to isolate databases and application servers from Internet threats
  • Secure https connections as the only means to access our platform
  • SSL/TLS encryption for transferring all data
  • AES 256 encryption for all stored customer information at rest
  • 24×7 monitoring of our infrastructure to ensure continuous service and performance
  • Redundancy across multiple physical servers and availability zones for high availability
  • Hourly backups of all customer data, which are encrypted at rest and retained for 30 days. Monthly and yearly snapshots are backed up to ensure data is fully recoverable in the event of a disaster.

Identity and Access Management

Identity and Access Management

Our customers can securely manage users and groups  and control access to sensitive marketing information with the Origami Logic platform using the following product features.

  • Federated identity single sign-on (SSO) – Select and customize how users authenticate with OAuth and SAML 2.0. Customers can use identity management tools including Okta and OneLogin.
  • User security profiles – Flexible, role-based profile management to control access by user types.
  • Session management – Monitor and terminate idle sessions after a configurable time period in case users leave their computers unattended.
  • Brute-force attack prevention – Set policies to require CAPTCHA verification, lock user accounts after failed login attempts, and customize the duration of time accounts remain locked.
  • Security logs – Logs provide valuable information about potential or real security issues. Email alerts regarding suspicious activity are routed directly to our Operations Team for review.

Identity and Access Management

See what your marketing data can do for you. Talk to an expert today.