Trust center

At OnlinePajak, we take security seriously

Security is one of the top concerns for businesses moving to a cloud-based solution, and entrusting your data to a third-party SaaS service provider necessitates rigorous security measures

More than 1 million individual and corporate users trust OnlinePajak with their data

We combine enterprise-class security features with comprehensive audits of our applications, systems, and networks to ensure customer and business data is always protected.

And our customers rest easy knowing their information is safe, their interactions are secure, and their businesses are protected. We leverage secure components, such as encryption solutions, to protect customer data.

Our products and solutions meet rigorous security, privacy, and compliance standards

Including ISO 27001 ISMS, ISO 27701 PIMS, ISO 37001 ABMS & PCI DSS

Secure-by-design architecture

We deliver value within minutes, thanks to the cloud-based secure-by-design architecture
Physical security

We ensure the confidentiality, availability, and integrity of your data with industry best practices, as we operate in data centers that have been certified as ISO 27001, PCI/DSS Service Provider Level 1.

Application security

We are using a modern framework for developing our applications that address some of the common security threats out-of-the-box. We also do code review and automatic scan for any security vulnerabilities before we merge the code and release it to production.

Network security

We maintain a globally distributed security team that is on call 24/7 to respond to security alerts. Through network vulnerability scanning, the use of intrusion detection and intrusion prevention systems, and by participating in several Threat Intelligence Programs, we keep a continuous watch on the security of our customers’ data.

Availability and business continuity

We maintain a disaster recovery program to ensure services remain available or are easily recoverable in the case of a disaster. Customers can remain up-to-date on availability issues through a publicly available status website covering scheduled maintenance and service incident history.

Data security

Communications between customer and OnlinePajak servers are encrypted via industry best-practices HTTPS and Transport Layer Security (TLS) over public networks. Our customers can benefit from the protection provided by encryption at rest for their primary and secondary DR data stores and storage of attachments.

Product security features

We make it seamless for customers to manage access and sharing policies with authentication and single-sign on (SSO) options. We also provide for 2-factor authentication and IP restrictions to enable partners to determine who can access their services.

Compliance certifications and memberships

We implement security best practices, in addition to what AWS, Alicloud, etc, already provide, to meet not just industry-based compliance, but the most stringent requirements.

Data & cloud providers

OnlinePajak works with data and cloud providers that adhere to the highest security standards

Would you like to know more?

We will be more than happy to tell you more about security, privacy, and other related topics