# 8.2 Security and Compliance Security and compliance are paramount when deploying the Orbit platform in enterprise environments. Whether utilizing our SaaS version or opting for a custom deployment, Orbit is committed to maintaining the highest security standards to protect your data and ensure compliance with industry regulations. ### 1. **Security and Compliance in the SaaS Version** The SaaS version of the Orbit platform is currently deployed on **Amazon Web Services (AWS)**, which provides industry-leading security features. We are also preparing to offer an **Azure-native version** that will adhere to Microsoft Azure’s robust security and compliance standards. #### **AWS Security and Compliance**: * **Data Encryption**: All data is encrypted at rest and in transit using advanced encryption standards. * **Identity and Access Management (IAM)**: We utilize AWS’s IAM to control and monitor access to resources, ensuring that only authorized users have access to sensitive data. * **Network Security**: AWS’s secure network architecture, including firewalls and DDoS protection, helps protect the platform from external threats. * **Compliance with AWS Standards**: The SaaS version adheres to AWS’s comprehensive compliance framework, which includes certifications such as SOC 1/2/3, GDPR, and HIPAA. #### **Azure Security and Compliance**: * **Upcoming Azure-Native Version**: As we expand our deployment options, the Azure-native version of Orbit will follow Microsoft Azure’s security protocols. Azure provides similar high standards for data protection, including encryption, IAM, and network security, ensuring robust protection for your data. ### 2. **Following Industry Best Practices** We are committed to following industry best practices to safeguard our platform and your data. Our security measures are aligned with the strictest standards commonly found in the industry. #### **Key Security Practices**: * **Data Protection**: We implement rigorous data protection measures, including encryption and regular security audits, to ensure that your data remains secure and confidential. * **Access Control**: Strict access control mechanisms are in place to limit who can view or interact with sensitive data, reducing the risk of unauthorized access. * **Regular Security Updates**: The Orbit platform is regularly updated with the latest security patches and improvements to protect against emerging threats. * **Incident Response**: We have a robust incident response plan in place to quickly identify, mitigate, and resolve any security issues that may arise. ### 3. **Compliance Standards** Our commitment to following best practices and maintaining the highest security settings ensures that Orbit is well-positioned to meet your organization’s compliance requirements. #### **Security Settings**: * **Comprehensive Monitoring**: Continuous monitoring of the platform ensures that any potential security issues are detected and addressed promptly. * **Data Privacy**: We adhere to data privacy principles, ensuring that personal and sensitive data is handled in compliance with applicable regulations such as GDPR. * **Documentation and Transparency**: We maintain detailed documentation of our security practices and are transparent about the measures we take to protect your data. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.orbitfin.ai/8.-enterprise-deployment/8.2-security-and-compliance.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.