Security and Reliability

Physical Security

Officio applications is hosted in state-of-the-art data centers designed to protect mission-critical computer systems with fully redundant subsystems and compartmentalized security zones. Our data center adhere to the strictest physical security measures including, but not limited to, the following:

  • Multiple layers of authentication for server area access
  • Two-factor biometric authentication for critical areas
  • Camera surveillance systems at key internal and external entry points
  • 24/7 monitoring by security personnel

All physical access to the data centers is highly restricted and stringently regulated.

Redundant Server & Datacenters

Officio infrastructure uses redundant storage and servers to keep the application and your data available in the case of hardware failure – and another set of servers and storage in a geographically separate datacentre in case our primary datacentre is made unavailable by a disaster or other disruption.

Our datacenter compliance standard includes;

  • SOC 1 Type II
  • SOC 2 Type II
  • ISO 27001
  • PCI-DSS

Managed Hosting

The Officio Application utilizes Vultr.com for hosting requirements. With a vast array of clients with varying needs, Vultr provides an environment that allows for the fast delivery of features, continued product innovation, reliable security and stability and a reduced chance of downtime.

Backups

The data in your Officio account is replicated across multiple database servers in two geographic locations to prevent a single failure from causing data loss. Additionally, that data is backed up nightly to secured device and stored in a secure offsite location to ensure that, even in the event of a catastrophe like a tornado or flood, your information will be safe and your records can be quickly restored.

Application Security

Our application framework is equipped with the latest security features that covers the following;

  • Improper input handling (such as cross-site scripting, SQL injection, XML injection, and cross-site flashing)
  • Cross-site request forgery (CSRF)
  • Cookies protection
  • Password hashing
  • Weak-session management

SSL

All information traveling between your browser and Officio is protected from eavesdroppers with 256-bit SSL encryption. The lock icon in your browser lets you verify that you aren’t talking to a phishing site impersonating Officio and that your data is secure in transit.

To ensure that no encrypted data can be modified by an unauthorised party, our application signs encrypted values using a Message Authentication Code (MAC).