# 8.2 Security and Compliance

Security and compliance are paramount when deploying the Orbit platform in enterprise environments. Whether utilizing our SaaS version or opting for a custom deployment, Orbit is committed to maintaining the highest security standards to protect your data and ensure compliance with industry regulations.

### 1. **Security and Compliance in the SaaS Version**

The SaaS version of the Orbit platform is currently deployed on **Amazon Web Services (AWS)**, which provides industry-leading security features. We are also preparing to offer an **Azure-native version** that will adhere to Microsoft Azure’s robust security and compliance standards.

#### **AWS Security and Compliance**:

* **Data Encryption**: All data is encrypted at rest and in transit using advanced encryption standards.
* **Identity and Access Management (IAM)**: We utilize AWS’s IAM to control and monitor access to resources, ensuring that only authorized users have access to sensitive data.
* **Network Security**: AWS’s secure network architecture, including firewalls and DDoS protection, helps protect the platform from external threats.
* **Compliance with AWS Standards**: The SaaS version adheres to AWS’s comprehensive compliance framework, which includes certifications such as SOC 1/2/3, GDPR, and HIPAA.

#### **Azure Security and Compliance**:

* **Upcoming Azure-Native Version**: As we expand our deployment options, the Azure-native version of Orbit will follow Microsoft Azure’s security protocols. Azure provides similar high standards for data protection, including encryption, IAM, and network security, ensuring robust protection for your data.

### 2. **Following Industry Best Practices**

We are committed to following industry best practices to safeguard our platform and your data. Our security measures are aligned with the strictest standards commonly found in the industry.

#### **Key Security Practices**:

* **Data Protection**: We implement rigorous data protection measures, including encryption and regular security audits, to ensure that your data remains secure and confidential.
* **Access Control**: Strict access control mechanisms are in place to limit who can view or interact with sensitive data, reducing the risk of unauthorized access.
* **Regular Security Updates**: The Orbit platform is regularly updated with the latest security patches and improvements to protect against emerging threats.
* **Incident Response**: We have a robust incident response plan in place to quickly identify, mitigate, and resolve any security issues that may arise.

### 3. **Compliance Standards**

Our commitment to following best practices and maintaining the highest security settings ensures that Orbit is well-positioned to meet your organization’s compliance requirements.

#### **Security Settings**:

* **Comprehensive Monitoring**: Continuous monitoring of the platform ensures that any potential security issues are detected and addressed promptly.
* **Data Privacy**: We adhere to data privacy principles, ensuring that personal and sensitive data is handled in compliance with applicable regulations such as GDPR.
* **Documentation and Transparency**: We maintain detailed documentation of our security practices and are transparent about the measures we take to protect your data.