Opsview is ISO 27001 Certified

ISO 27001 Badge
Security Architecture

Security Architecture

  • Secure software development lifecycle, including extensive manual and automated testing, and peer code review
  • Secure development environments - physical and logical segregation along with data encryption
  • Rigorous and independent penetration testing by a National Cyber Security Centre CHECK service provider

Data and Compliance

  • Compliant with the EU General Data Protection Regulation [GDPR] for all personal data
  • Message and link-level encryption using AES-CBC-256, ensuring data security both at rest and in transit
  • Segregation of configuration and collected monitoring data​ - your system runs in its own dedicated environment and your data does not get mixed with that of other customers, vastly reducing the risk of any data leakage
Data and Compliance
ISO 27001 Certified

Security Credentials

  • Opsview is ISO/IEC 27001:2017 certified, with the whole organization in scope
  • ITRS Group is ISO/IEC 27001:2017 certified
  • Opsview will run on Linux operating systems with FIPS mode enabled
  • Our software is used in many secure government organizations across the globe 

Secure Operations

  • Opsview Cloud runs on Amazon Web Services, and your Cloud system can run in any of the available AWS regions to meet your data sovereignty requirements
  • AWS datacentres are operated to very high standards of privacy and data security
  • HTTPS-protected web interface (SHA-256 with 2,048 bit RSA), and REST API with brute-force lockout
  • Underpinned by a powerful Role-Based Access Control system, integration with your existing SSO providing via OAuth2 allows you to implement Multi-Factor Authentication and other security policies for your users
Secure Operations
Opsview Collectors

Opsview Collectors

  • Opsview Collector nodes in your environment connect outbound to your dedicated Opsview Cloud public IP on a single TCP port, making firewalling easy
  • Your monitoring data is protected by two layers of encryption in transit to the Cloud
  • Collectors are authenticated using industry-standard public key authentication, and each Collector uses its own keypair