OCRestful Security

At OCRestful, we understand that you take the security of your data seriously, as you should. We do too. We are practiced in the security requirements of ISO/IEC, NIST, IASME, among others. Since some of these security standards apply to you, we understand that by extension, they apply to us. Therefore, we apply a level of security conformance that aims to be superset-compliant; we strive to meet them all.

At the same time, we provide a back-end service to your front-end application, and we cannot usurp your application's control over user security and end-user authentication and authorization. We are not in that business and you don't want us to be. We focus on authenticating your front-end application as our true client, and ensuring we can securely handle its data and respond to its requests for services.

Some of the key security controls we have in place to safeguard your data include:

These measures ensure the safeguarding of the data you store in OCRestful, and allow you to remain compliant with the security standards that are in place in your business environment.