Achieve OFDSS Compliance

Secureframe can help you achieve OFDSS compliance


OFDSS: Raise the bar for security in the Fintech ecosystem

The Open Finance Data Security Standard (OFDSS) is a framework of requirements that address the security risks most commonly encountered by emerging fintech companies that handle sensitive information. This new data standard was created to take modern, cloud-native delivery models into account, with auditable data security guidelines that maintain alignment across common criteria found in SSAE18 TSC for Security and NIST CSF.

OFDSS Compliance Involves:

  • Identifying and mitigating material security risks pertaining to systems, infrastructure, networks, business operations, and vendors
  • Inventorying and assigning accountability to all hardware and software assets relevant to the service
  • Provisioning and deprovisioning system access based on the principle of least privilege
  • Enforcing a formal change management process for governing software and application-related changes
  • Encrypting sensitive data-in-transit and at-rest
  • Retaining and deleting sensitive data in accordance with legal, regulatory, and contractual obligations
  • Collecting keys system and user logs, monitoring on key metrics, alerting on suspicious events, and responding to incidents
  • Segmenting trusted and untrusted networks and implementing network safeguards
  • Training personnel on security basics such as social engineering and phishing

How it works

OFDSS compliance involves 60+ security requirements across 12 control domains that address common data security risks. We simplify the process into a few key steps by automating security requirements and providing a step-by-step process to meet multiple operational controls. Our platform can save you time automating compliance while upholding best-in-class OFDSS standards.

Meet your dedicated account manager

Scan for discrepancies to secure your cloud infrastructure

Create your compliance policies

Easily onboard your employees

Remediate gaps & achieve compliance

Continually maintain OFDSS compliance

Interested in OFDSS compliance?