Omegabit facilities and operations are SOC-2 certified in direct cooperation with its facilities partner, Digital West Networks, Inc.  A copy of the primary facilities SOC-2 certification is included with this submission and supplemental references for secondary operations are available on request.  Omegabit also features secondary Disaster Recovery and Point of Presence operations at facilities managed in partnership with Digital West and industry leading suppliers Equinix, and CoreSite featuring the most modern and compliant plant and core operations available in support of application specific certifications.  Omegabit directly owns and controls all infrastructure extending from the Internet drops: servers, firewalls, edge switching, storage, etc., and relies on its partner facilities for high-availability cooling, power, and physical plant security as well as emergency hands-on operations.

Omegabit follows extensive security protocols following best practices for PCI, FERPA, FEDRAMP and similar compliance modeled on industry standards and best practices. This includes emphasis on traditional IT and host infrastructure security for Internet providers, as well as specialized training relating to custom application designs and the implementation of Liferay, specifically. Many practices are modeled after requirements established from its broad base of customers operating sensitive applications for finance, healthcare, government, education and similar purposes. Omegabit is able to support most any compliance requirement and typically will establish operational policies that are considerate of best practices and the specific requirements of the Customer.

A Table of Contents (TOC), outlining procedural content has been provided for reference; full content is obfuscated due to its proprietary and sensitive nature. The following outlines are provided: "Omegabit Disaster Recovery PlanTOC", "Omegabit IT Security TOC", and the "Omegabit Employee HandbookTOC". Collectively, these documents cover many of the issues identified in this list. Other items are covered by our Operational Wikis. A supplemental document titled "Omegabit Information Security Questionnaire" is also included, which addresses the most common questions concerning overall security practices, capabilities, and options.  Omegabit is also able to maintain a custom policy and procedures for customers with special needs, e.g. PCI or similar compliance. A sample policy statement titled "Omegabit Operations Policy Guidelines and Recommendations - Redacted Generic" has been provided of an example maintained with a PCI compliant tennant.

Omegabit provides a highly secure default configuration  as well as advice and guidance on the specific settings relevant to the Client implementation.  This is documented extensively in Omegabit Operations Wikis and Customer Wikis for properetary confiugrations, where applicable.