Trust

As a Salesforce customer, we know you have made a conscious decision to choose software built on trust and security. We aim to provide service that meets these same expectations.

 

Oktana manages a compliance program that carefully considers data protection matters, with both physical and remote considerations, across our onshore and nearshore teams. We maintain a growing number of certifications and attestations to validate our commitment to the security of our business and yours.

 

To request more information or to report a potential security incident, please contact us at [email protected].

SOC 2

SOC 2 Type II report covering Security, Availability, Integrity, Confidentiality & Privacy

The American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) reports give assurance over control environments as they relate to the retrieval, storage, processing and transfer of data. The SOC 2 reports cover controls around security, availability and confidentiality of customer data. Additional information can be found on the AICPA website.

Compliance & Governance FAQ

External Security Assessments

Attestation of penetration tests and security assessments performed by third parties

We conduct regular external security assessments. Upon request, we can provide a high-level report intended only to provide information on the tests performed and scope of testing. As verified by external audits, vulnerabilities discovered during testing are tracked and resolved in accordance with corporate policy and industry best practice.

Business Continuity Plan

Attestation of a disaster recovery plan validated by third parties

Oktana maintains a global Business Continuity plan that covers each of our locations and supports a robust strategy to provide continuous secure service in the event of disaster. As validated by external audits, this plan has been developed from industry-accepted methodologies and encompasses principles of high-availability engineering.

Data Privacy Framework

Commitment to EU-U.S. Data Privacy Framework Principles

Oktana is currently in the process of self-certification for inclusion on the Data Privacy Framework List in demonstration of our commitment to the management of personal data received in compliance with the Principles set forth by the EU-U.S. Data Privacy Framework. By doing so, we are subject to the investigatory and enforcement powers of the FTC, DOT and any other authorized U.S. statutory body.

Onshore Resources

We understand your compliance needs
With access to onshore resources, we have the ability to meet compliance requirements specific to industries including Financial Services, Healthcare and U.S. Public Sector, all of which we actively serve.

Modern Slavery

We do not tolerate any form of modern slavery, forced labor or human trafficking.

At Oktana, we are citizens of the world and understand our responsibility within it. We do not tolerate modern slavery or human trafficking in our organization or in our supply chain. In compliance with the Modern Slavery Act 2015, we take steps to ensure there is no modern slavery in our own organization and that of our supply chain. As a custom development service provider, we use very little unskilled labor, so the risks of modern slavery are minimal compared to other industries. Nevertheless, we take such obligations seriously and will continue to maintain internal processes to avoid this and endeavor to monitor potential risk areas within our supply chain.

 

This statement has been approved by the Oktana Corporation Security Committee in line with section 54(1) of the Modern Slavery Act 2015 and constitutes our annual modern slavery and human trafficking statement for the year ending 31 December, 2024.

By continuing to use this site, you agree to our cookie policy and privacy policy.