Skip to content
OMGSystems Logo
Security

Security & Privacy by Design

Your data is protected with military-grade encryption, stored exclusively in Canada, and monitored 24/7 by our security team.

99.99%
Uptime SLA
256-bit
Encryption
🇨🇦
Data Residency
24/7
Monitoring
Contact UsPrivacy Policy
Four Pillars of Protection

How We Protect Your Data

Bank-Level Encryption

Military-grade encryption protects your data at every layer

In Transit
TLS 1.3
Perfect forward secrecy for all connections
At Rest
AES-256
AWS KMS with customer-managed keys
Key Rotation
Automatic
Regular rotation with zero downtime
🇨🇦

100% Canadian

Data never leaves Canada

Infrastructure

AWS Canada Central Region

All hosting and data storage uses Amazon Web Services Canada Central region, ensuring your data never leaves Canadian soil and complies with all Canadian data residency requirements.

Toronto DC

Primary infrastructure

Montreal DC

Redundant backups

PIPEDA

Full compliance

Encrypted

In transit & at rest

Access Control

Role-Based Access Control

Every user has precisely the access they need—no more, no less. All actions are logged and auditable.

A

ADMIN

Full system access, security settings

S

STAFF

Client management, limited admin

C

CLIENT

Own data access, portal features

V

VENDOR

Scoped access to assigned clients

Multi-Factor Auth

TOTP or hardware tokens required for admin

Session Security

Auto-timeout, secure tokens, concurrent limits

Audit Logging

Every action logged with user and timestamp

Incident Response

Rapid Response Protocol

In the unlikely event of a security incident, our team responds immediately with a proven process.

1

Detection

<1 hour

Automated monitoring triggers alert

2

Triage

<2 hours

Security team assesses severity

3

Containment

<4 hours

Immediate threat isolation

4

Recovery

<24 hours

Full restoration and verification

Architecture

Security Architecture

WAF & DDoS Protection

First line of defense against attacks

Load Balancer & TLS

Encrypted connections, traffic distribution

API Gateway

Rate limiting, authentication, routing

Application Layer

Business logic with security controls

Database Layer

Encrypted storage, access controls

Security Layers

  • Web Application Firewall
  • DDoS Protection
  • TLS/SSL Termination
  • API Rate Limiting
  • Authentication & Authorization
  • Data Encryption

Monitoring Points

  • Network Traffic Analysis
  • Application Performance
  • Database Access Logging
  • User Activity Auditing
  • Security Event Correlation
  • Compliance Reporting

Security FAQs

Where is my data stored?
All data is stored exclusively in Canadian AWS data centers (Canada Central region), ensuring full compliance with Canadian data residency requirements. Your data never leaves Canadian soil.
Can your support team access my files?
No — our system is support-blind by default. Any break-glass access requires dual approval from authorized personnel and is fully logged, audited, and reported.
How do you manage encryption keys?
We use AWS Key Management Service (KMS) with automatic key rotation. Keys are stored separately from data, never in plaintext, and access is strictly controlled with comprehensive logging.
How do you ensure data security?
We use industry-standard encryption, Canadian data residency, role-based access controls, and continuous monitoring to protect your data.
What happens during a security incident?
We follow a comprehensive incident response plan: immediate containment, root cause analysis, client notification when relevant, and thorough remediation with documented lessons learned.

Questions About Security?

Our security team is here to answer your questions and provide additional documentation.

Contact Security TeamCompliance Overview

Last updated: January 2026