We ensure that Risk; Security and Compliance services are designed to help and protect Oman Data Park information and physical resources. Oman Data Park ensures that controls are in place to manage the risk of interruptions that may impact the service level commitments of our clients.
Oman Data Park’s Risk & Compliance Department is responsible for setting objectives for Information Security Management to reserve the commitment to our customers. This includes setting policies in the following areas:
Establishes ODPs direction and support for information security and sets a risk management framework that is in accordance with business requirements and relevant to laws and regulations.
focuses on achieving and maintaining appropriate protection of Oman Data Park’s critical infrastructure required for its service delivery.
Human resources security
Controls ensure that all ODP employees, contractors and third party users understand their responsibilities, and are suitable for their designated roles with a Non-Disclosure agreement signed.
Physical and environmental security
to prevent unauthorized physical access, impairment, and interference to the organization's premises and information. Access Control Framework ensures authorized accesses to the appropriate systems and resources.
Information security incident management
Policies and processes ensure information security events and flaws are communicated in a manner allowing timely corrective action.
Security vulnerability reporting
ODP carries out continuous vulnerability scans across its infrastructure and ensures needed remediation is in place. ODP prioritizes to mitigate any reported security observations/vulnerabilities.
The compliance and validation phase is an important collection of audit and review activities that provide assurances that our implemented controls are designed and operating effectively and aligned with the policies set by the security organization. Certifications and standards ODP is following:
- ISO27001 Information Security Management System
- ISO20000 IT Service Management System
- PCI-DSS Payment Card Industry Data Security Standard
- OHAS 18001 Occupational Health & Safety Management System
- ISO 9001 Quality Management System
|Oman Data Park holds ISO 20000:2011 for IT Service Management which governs its Service Delivery operations. Click here to view the certificate.|
|Oman Data Park Holds ISO27001:2013 for Information Security Management System.Click here to view the certificate|
|Oman Data Park holds Tier 3 Data Centre Design Certification. Click here to view the certificate.|
|Oman Data Park holds Data Centre Site Certification. Click here to view the certificate.|
Oman Data Park takes security very seriously and investigates all reported vulnerabilities. This page describes our practice for addressing potential vulnerabilities in any aspect of our services.
Communicating with Us
- If you have a security concern regarding Oman Data Park services please e-mail to firstname.lastname@example.org.
- If you have a security concern with Oman Data Park Payments, or other related issues such as invalid orders, invalid credit card charges, suspicious emails, or vulnerability reporting, please e-mail to email@example.com.
You will receive a non-automated response to your initial contact within 48 hours, confirming receipt of your reported vulnerability. You will receive progress updates from us at least every 7 working days.
Penetration Testing Request
Oman Data Park provides a robust and trustworthy platform for our customers. We take security very seriously and continually monitor our services for suspected attack. We also understand that security is a partnership between us and our customers. A critical phase of any secure application deployment involves testing applications for potential vulnerabilities.
Our Acceptable Use Policy describes permitted and prohibited behavior on Oman Data Park infrastructure and includes descriptions of prohibited security violations and network abuse. However, because penetration testing frequently is indistinguishable from these activities, we have established a policy for customers to request permission to conduct penetration tests.
Please contact firstname.lastname@example.org for penetration testing requests.