# Security at Oobeya

In Oobeya security is **our highest priority**. See below for information about the security policies and practices of Oobeya. If you have any questions about security, please contact us at <https://oobeya.io/contact/>&#x20;

<div align="left"><figure><img src="https://3582076375-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MGIlBSTjQtZxUoFwUx4%2Fuploads%2F84efqUuqCbRLUMi0y9iS%2Fimage.png?alt=media&#x26;token=a19deb19-8251-4d29-81f9-c79c57f1e379" alt="" width="375"><figcaption><p>ISO 27001 Information Security <br>(the leading international standard focused on information security)</p></figcaption></figure></div>

***

## Product Security

* Single sign-on (SSO)
* LDAP / Active Directory integration
* Strong password policies (complexity standard, encryption, password reset procedure)
* Role-based access control (RBAC)
* Principle of least privilege (PoLP)
* User-based & team-based privacy configuration
* Cross-Origin Resource Sharing (CORS)
* Audit logging

## Organization Security

* ISO 27001 Information Security (the leading international standard focused on information security)
* Information security training and awareness program for employees
* Employee Confidentiality Agreement
* Centralized endpoint protection
* Security practices as a part of the Software Development Life Cycle
* Application Security Testing (AST)
* Policies & procedures implemented based on ISO 27001 Information Security

***

View the below page, to get more information about Oobeya Managed SaaS (Cloud) Security:

{% content-ref url="oobeya-managed-saas" %}
[oobeya-managed-saas](https://docs.oobeya.io/security/oobeya-managed-saas)
{% endcontent-ref %}