All data, between all systems, is transmitted over secure SSL connections. The OIX certificates are registered with DigiCert, an industry leading SSL provider.
The OIX MySQL database leverages the AWS Relational Database Service (RDS). Amazon RDS enables OIX to encrypt its database using keys, which are managed through AWS Key Management Service (KMS). Data storage is encrypted, as are its automated backups, read replicas, and snapshots. RDS encryption uses the industry standard AES-256 encryption algorithm for encryption.
OIX document transfer, management and storage is accomplished via the Box.com platform. Box facilitates secure cloud-based document transferring via high-grade TLS and provides multi-layered encryption for stored documents (“at rest”) with 256-bit AES.
Box supports global customers with ISO 27001, ISO 27018, PCI DSS, UK G-Cloud Approval for Official Data, FedRAMP, FIPS 140-2, SEC 17a-4, and HIPAA/HITECH. Document storage meets third-party assessments and reports, such as SOC 1 (SSAE 16) Type II, SOC 2 Type II and SOC 3.
The OIX maintains web application security best practices and employs third-party security testing and validation to ensure that your valuable data is kept safe.
To learn about the security of our application, business workflows, processes and best practices, please contact us to learn more.