Data Security

OpsRamp follows strict practices for customer data that we manage and store in the platform. We only capture and keep data that’s needed for IT operations functions on devices/applications that we manage. We encrypt all sensitive data and each customer’s data is accessible only to authorized users of that tenant.

Data Capture

OpsRamp only collects data that helps us manage our customer’s digital operations environment, including:

  • Performance Statistics to monitor the availability and performance of managed devices.
  • Events and SNMP Traps to understand device health.
  • Device Metadata for DNS names, models, operating systems and application configuration parameters.
  • Application Performance Statistics for tracking the performance of managed applications.

Agent and Gateway Security

  • Agents monitor and manage compute infrastructure across hybrid IT environment, and Gateways are virtual appliances that monitors app services, network and storage infrastructure.
  • Gateways can also act as a proxy between an Agent and OpsRamp for secure communication.
  • The Gateway and Agent have been architected to provide secure communication between OpsRamp and a customer environment.

Integrations

  • Our open API framework and pre-built cloud and on-premises integrations allow you to send alerts and tickets from your favorite application and infrastructure monitoring and service desk tools to OpsRamp.
  • We support inbound and outbound connections across all integrations for true bi-directional communication using basic authentication and OAuth authentication.

Remote Access and Control

  • OpsRamp’s remote consoles make it easy to access distributed hybrid infrastructure in a secure manner.
  • The platform records all actions carried out by an administrator on a device. You can use video playback recordings for audit trails, change and compliance management, and training purposes.

Product Security

OpsRamp has broad security features for maintaining the privacy and security of customer data. We’ve designed the hybrid IT operations platform with security-first principles that integrate safety and reliability into day-to-day operations

Audit Logs

  • We maintain logs of user activity and remote access across hybrid IT environments using the audit logs feature.
  • Customers can generate ad-hoc or scheduled reports on user activity for identifying access-related risks.

Communication Security

  • All communication to the OpsRamp cloud is Transport Layer Security (TLS) encrypted.
  • We provide the same level of encryption for data-in-flight and data-at-rest.
  • TLS encryption ensures that all network communications are secure without any kind of eavesdropping.

Identity Management

  • OpsRamp offers different options to manage user identity, including built-in user management, integrations with SAML and OAuth2 based authentication, and third-party authentication services.
  • OpsRamp supports single sign-on solutions (ADFS, Okta, Centrify and One Login) as well as multi-factor authentication services (FIDO, TOTP, YubiKey, Duo Security and Google Authenticator).

User Management

  • We grant user access to the OpsRamp platform using fine-grained permissions built on role-based access controls (RBAC).
  • Customers can create multiple roles and assign roles to users based on their responsibilities.
  • You can restrict the activities a user performs in OpsRamp based on roles, user groups, device groups, and permission sets.

Platform Security

OpsRamp leverages multiple layers of defense to provide a secure cloud platform to our customers. Our architecture, cloud operations, access and authentication and deployment architecture guarantee the highest levels of security and protection.

Platform Availability

  • We’ve built the OpsRamp platform for 99.99 % availability.
  • OpsRamp offers immediate and automatic failover when we lose connectivity to a primary datacenter.
  • During an automatic failover, the platform routes traffic to the secondary datacenter for built-in disaster recovery and fault tolerance.

Platform Architecture

  • The OpsRamp production environment is self-hosted across three different geographies so that we can better serve global customers.
  • Each geographic instance is a Point of Delivery (PoD) with active/active architectures for better scalability and easier manageability.

Platform Certifications

  • OpsRamp ensures continuous protection of customer data through compliance with industry standards like SOC 2 Type II which ensures robust internal controls for handling data.
  • The OpsRamp platform is hosted in Tier 1 datacenter providers which are compliant with ISO 27001 and SOC 1 Type I standards for security, availability, and confidentiality.

The OpsRamp Platform: Security and Compliance

Read our Security and Compliance whitepaper and learn how the OpsRamp platform collects, maintains, and safeguards the confidentiality of customer data.
 

The OpsRamp Platform: Security and Compliance