
Security and Privacy. Security and Compliance at Orion.

Orion Security and Privacy teams develop policies and controls ensure compliance via continuous monitoring and demonstrating security and compliance to third-party auditors.
The access is restricted to only those individuals having a valid business requirement and accordingly granted without any privilege principle.
The security controls must be implemented and layered as per the principle of defense-in-depth and applied consistently across all areas of enterprise.
Implementation of controls must be iterative, continuously evolving to improve effectiveness, reduce any friction and auditability.
Orion pays great deal of attention to security and ensures to maintain our datastores properly by ensuring customer information gets encrypted in a proper field-level encryption.
We believe in protecting your security in every possible way. Our security policies are built on the following principles.
Data gets encrypted even before going to the database so that neither physical or logical access could be made to the database to read sensitive information.
Orion pays great deal of attention to security and ensures to maintain our datastores properly by ensuring customer information gets encrypted in a proper field-level encryption.
Orion makes use of Transport Layer Security (TLS) 1.2 - an encryption protocol intended to keep data secure even over potentially challenging networks.
We utilize security measures like HSTS (HTTP Strict Transport Security) to enhance data protection in transit. AWS manages our server TLS keys and certificates, which are deployed through Application Load Balancers.
Our Encryption keys are managed well by the AWS Key Management System (KMS). The KMS handles encryption keys that get stored in key material like Hardware Security Modules (HSM) to avoid any individuals including employees of Orion.
Application secrets are securely encrypted and stored using AWS Secrets Manager and Parameter Store, with access strictly controlled.
We duly comply with a robust risk management and compliance framework with our Information Security Management System (ISMS) at its core.
ISMS allows assessing, managing, monitoring, mitigating security risks using special areas such as organizational context, leadership, planning, support, security operations, performance evaluation, and continuous improvement.
Security to us, means for everyone- customers, our team and beyond.
Orion engages with the industry's best-in-kind penetration testing consulting firms at least annually.
All the areas of SF and cloud infrastructure are in scope for assessments, source code is available to testers to fulfill the effectiveness and coverage requirements.
To get a better hang of the vulnerabilities, the company ensures robust enterprise security protecting company's data, systems and networks from cyber threats, ensuring confidentiality, integrity and availability.
With endpoint protection, all the corporate devices are equipped with mobile device management software and anti-malware protection.
Ensures remote access to internal resources, VPN and uses malware-blocking DNS servers to shield employees and their endpoints while browsing the internet.

Get the extension and access the widest coverage of B2B contact data from your browser.
202M+
Contacts
44M+
Companies
57M+
Emails
9M+
Phone numbers