Skip to main content

Cloud security

This page is a overview of how ONEs keeps your workplace safe with our high security standard for our cloud subscription service.

Encryption

When in transit and at rest, customer data is encrypted. SSL/TLS 1.2+ is used to encrypt all connections to ONEs' cloud services. All certifications are validated by third-party authority on both sides.

Customer data is encrypted at rest using a key management system that automatically logs every access. Furthermore, passwords are hashed and salted using one-way encryption, which protects them even if unwanted database access occurs.

IP addresses for whitelists

ONEs' public-facing web service uses the following IP addresses for calendar connection. If you host your calendar server on-premise (e.g. Exchange), add these addresses to your firewall's whitelist. This will make sure ONEs is able to connect.

● 20.210.228.197

Ports

All application traffic is via standard web traffic port 443. Except those services which users can customize the port, such as LDAP or SMTP

Data center

ONEs provides a cloud service and hosted by data centers with the highest level of certifications including ISO 27001, ISO 27018, SOC 1, SOC 2, SOC3, FedRAMP, HITRUST, MTCS, IRAP, and ENS. For more compliance information, you can visit Azure Security and Azure Compliance.

Data residency

All application servers are based in the Singapore but may be accessed internationally via the internet. ONEs' CDN serves static assets (e.g. web page stylesheets) from servers across the world but does not touch sensitive customer data.

Data destruction

All cloud customer data is stored on Azure services, which based on their policy for data destruction: "When customers delete data or leave Azure, Microsoft follows strict standards for deleting data, as well as the physical destruction of decommissioned hardware. Microsoft executes a complete deletion of data on customer request and on contract termination. "

For details, please refer to Data management at Microsoft

Authentication

Password authentication is available by default to end users and restrict weak passwords. ONEs also supports Single Sign-On through ADFS (via WsFederation) or Open ID.

Application Development

New features, performance enhancements, and bug fixes are released on a monthly basis. While our development cycle is rapid, it is highly reliant on a tight framework for code quality and security. Prior to deployment to production, every code is peer reviewed and needs several layers of approval in test/staging environments.