Security and compliance

Visma security program

onVisit is developed and supplied by Adaptive, which is part of Visma Group. The service runs in Microsoft Azure, with built-in mechanisms for high availability, robustness and continuous security updates.

Our security framework

  • ISMS based on ISO/IEC 27001
    We work according to an established information security management system (ISMS) based on ISO 27001 – with clear roles, risk management, internal controls and regular audits.
  • Visma Cloud Delivery Model (VCDM)
    Secure development and operation from design to production: security requirements in the development process, code reviews, vulnerability management, change control and documented preparedness.
  • Microsoft Azure 
    onVisit is hosted in Microsoft Azure with segmentation, encryption in transit and at rest, key management, monitoring, and logging. 

Privacy & data protection

  • GDPR by default
    Data minimization, defined deletion deadlines and role/access management. We offer data processing agreements and an overview of subcontractors.
  • Data storage and processing
    Delivery from European Azure regions. Upon request, we describe data storage, data flow and backup in detail.
  • Transparency & control
    Dynamic reports with export capabilities make compliance and internal control easier.

Continuity & preparedness

  • High availability
    Monitoring, alerting and established routines for incident management ensure rapid response.
  • Contingency plans
    Documented plans for incidents, including recovery and communication.

Integrations & Access

  • Single Signon and Directory Sync (SCIM)
    Central management of users and rights in line with company policies.
  • API and ecosystem
    Open interfaces and integrations for secure flow of data across systems.

Visma Security Center

onVisit is supported by Visma Security Center, the Visma Group's security function. The team delivers:

  • 24/7 Security Operations (SOC) with continuous monitoring, detection and response.
  • Incident and crisis management, with clear processes for escalation, communication and follow-up.
  • Threat intelligence and proactive defense, including vulnerability management and continuous improvement of controls.
  • Security consulting across Visma, for consistent and mature security practices across all products and services.

Security Center works closely with our product teams to ensure that findings from monitoring, testing, and audits are followed up quickly and effectively. 

Want to know more about security and privacy in onVisit?
Here you will find detailed information about our security programContact us for DBA, security architecture and detailed overview of data storage and processing. 

DO YOU NEED HELP TO GET STARTED?

Have a chat or digital coffee with us!

 +47 99563636
info@adaptive.no
Book a demo via Teams