Data Security

The security of your data and your client data is of the utmost importance to us

If you have any questions about our data security policies, please get in touch.

Our Data Security Controls

Our data security controls include, but are not limited to, the following:

Information Asset Security

Securing information assets is integral to OMNIMax’s Information Security Management System. We implement and enforce this through processes such as:  

  • Implementing and enforcing a clear desk policy. We ensure that our workspaces are clear of all sensitive items when unattended (physical or digital).  
  • We use cloud-based services for the creation and storage of files rather than local storage.  

Access Control

Software access has been identified as a high-risk area and so to prevent unauthorised access, unauthorised sharing, or loss of passwords due to human error, OMNIMax has implemented the following access controls:  

  • Use of a password manager to generate random passwords to ensure we do not use passwords more than once and that passwords meet our password creation policies. Our password manager stores and distributes our passwords for us so there is no risk of forgetting or losing passwords.
  • We use Two Factor Authentication where possible.  

Encryption

All web traffic is encrypted using SSL certificates and encryption at rest is applied to all sensitive information depending on the security classification.  

To ensure you have the best protection and data security we recommend you use a browser that supports data encryption. Always keep your browsers up to date – this will ensure all data transferred is secure. Use this handy tool to make sure you’re up to date. 

Operational Security

OMNIMax implements policies and controls to secure our critical infrastructure. These include but are not limited to:  

  • Installing anti-malware and anti-virus on all machines.
  • Backing up all information to the cloud.

Human Resource Security

Information Security Awareness: we provide information security training to all OMNIMax employees and contractors.  

Incident Management

OMNIMax has defined policies around the following information security incidents in accordance with ISO 27001:   

  • Ransomware attack  
  • Denial of service  
  • Data breach  

Data Retention

OMNIMax recognises Financial Advice Providers’ license obligation, and our obligation as an outsource provider, to keep records for at least seven years.  

Data Storage

Our software and your data are hosted through Microsoft Azure which holds substantial security certifications and physical security. Server-side encryption (SSE) is used to encrypt all Azure data.  

Security & Loss Prevention

All data is backed up on a regular basis, web applications are hosted behind a firewall and all web traffic is encrypted using SSL certificates. 

Firewalls

OMNIMax uses Azure products to secure OMNIMax against attacks. These protect against:   

  • All common web attacks  
  • Application vulnerabilities  
  • Malicious IP addresses and web bots  
  • HTTP Denial of Services attacks  

Backup

We regularly back up all data to the cloud and we can recover data to a particular point in time.  

Further Information

If you have any questions about our data security practices, please get in touch by emailing us at contact@omnimax.co.nz 

Why Work With Us

We’ve been fuelling financial advice conversations since 2002

Some of New Zealand’s top financial advice brands trust our solutions.

Wealthpoint logo
FoxPlan logo
BNZ logo
OMNIMax icon

We’re Here to Help

Looking for a no-obligation demonstration or just have a question? Contact our team today.