Skip to main content

Security

Orbita security is extremely important to Orbita and is integrated into our day-to-day culture to protect your data from potential threats.

  • Capabilities

    • Information security architecture Orbita maintains a highly secure cloud-based solution that is built on a secure infrastructure. Policies, procedures, and security controls are in place to meet or exceed the high standards of our customers as data is handled by people, processes, and technology supporting Orbita solutions. Information security systems and frameworks are used to ensure that Orbita systems and data managed within are protected from harm. It is through these systems that we have integrated administrative, technical, and physical safeguards to protect against potential threats.
    • Network and communications All systems are protected using firewalls, IDS, and IPS systems which are in place to prevent unauthorized access and detect against potential intrusions and monitor for suspicious activity.
    • Data protection All data-in-transit and data-at-rest are encrypted using industry-standard cryptographic controls. All transmissions between services and critical end-points are protected using encryption to protect the transmission of confidential data.
    • Penetration testing Vulnerability scanning and security penetration testing are performed regularly to protect systems, networks, and services ensuring that no threats exist to Orbita solutions. Any potential threats that are discovered are reviewed and acted upon accordingly.
    • Vulnerability management Orbita’s risk management planning and operations have established systems and processes in place to monitor, capture, and address a range of potential vulnerabilities. Controls are used to ensure that Orbita team members are trained, external monitoring can protect critical information regarding events, and procedures and supporting systems are able to respond to incidents should they arise. Following industry standards including NIST SP 800-61, Orbita commits to maintaining the core incident management components for handling incidents including: preparation, detection and analysis, containment, eradication, recovery, and critical post-incident activities.
    • Security-by-design Orbita’s solutions start as secure and remain secure. A highly trained development team, competent in developing secure solutions lead the architecture, development, and maintenance of Orbita solutions. The team follows secure development practices that 1) Establish secure defaults for all systems and configurations, 2) Ensure safe and secure error handling that does not expose potentially compromising information, 3) Do not trust services by default and disable all services that are not used, 4) Enforce Separation of duties including roles defined within development, testing, support, and approvers for changes, 5) Ensure all code is developed in a manageable form with proper documentation to maintain knowledge control of changes and approvals, 6) Address security issues at the root cause.
    • Patching and updates Critical patches and updates to all Orbita systems and services are tested then applied as soon as available and validated by the internal team. Testing within sandboxes is performed to ensure the performance and function of the patches and updates are safe and appropriate for Orbita systems.
    • Disaster recovery & continuity management Orbita takes data integrity very seriously. As stewards and partners of Orbita Customers, we strive to assure data is protected from unauthorized access and that it is available when needed. All critical data is backed up and tested regularly. Backups are stored safely and securely in a different location to ensure timely recovery with little to no downtime from any unplanned outages.
    • Breach management If you suspect a security issue or data breach with Orbita’s platform or services, please notify us by emailing the details to: security@orbita.ai. Your request will be kept confidential, taken seriously, and investigated with due diligence.

For more information, please visit the Orbita Trust Center page.