Omniway
Trust Center/Security

Security as part of our foundation

At Omniway, security isn't an isolated feature or a technical layer bolted on top of the platform — it's an integrated part of how we develop, operate and maintain our services. We handle information that's central to education organizations, and we work systematically to ensure that data is protected, available and accurate.

Infrastructure and hosting

Omniway's platform runs on Advania in Umeå, Sweden. All primary data is stored within Swedish borders, giving us strong control over data protection, legal requirements and access.

Operating from Sweden lets us ensure:

  • Data is handled within a clear legal framework
  • We have close control over operations and delivery
  • We can meet the requirements of the public sector and education providers

The infrastructure is designed for stable operation, high availability and redundancy when needed.

Encryption and data protection

All communication to and from Omniway runs over secure connections protected by established industry standards (TLS).

Data stored in the platform is handled according to recognised security principles, which means:

  • Information is protected against unauthorised access
  • Data cannot be read or tampered with in transit
  • Stored information is handled in a secure manner

We continuously track developments in security standards to ensure our protection stays current and sufficient.

Access and permission control

Access to systems and data is governed by clear permission models and established security principles. We work with:

  • Role-based access control (RBAC) — users only get access to what they need
  • Principle of least privilege — no unnecessary rights are granted
  • Traceability — access is logged and can be audited
  • Multi-factor authentication (MFA)
  • Single Sign-On (SSO) for integration with the customer's identity management

This delivers both strong security and a smooth user experience.

Secure development and continuous improvement

Development of Omniway follows structured practices where security is a natural part of the process. This means we:

  • Work with controlled development workflows
  • Continuously update and improve the platform
  • Manage vulnerabilities and updates on an ongoing basis

As part of our ISO 27001 work, this happens within a systematic and documented improvement process.

Incident management

Despite preventive work, incidents can occur. That's why we have clear processes to handle them in a structured way. When a security incident occurs:

  • We identify and isolate the problem quickly
  • Analyse the impact
  • Take action to minimise consequences
  • Inform affected customers according to established procedures

Our goal is always to act quickly, transparently and with a focus on restoring normal operations.

Backup and recovery

To make sure no data is lost, we run regular, automated backups.

  • Backups are taken every hour
  • Recovery can be carried out when needed
  • Processes exist for handling larger disruptions

This lets us guarantee continuity even during unexpected events.

Security across the organization

Security at Omniway isn't limited to technology — it covers the whole organization. Through our work with ISO standards, we ensure that:

  • Responsibilities and roles are clearly defined
  • Processes are followed up and improved
  • Security is part of daily operations

This creates a whole where technology, people and processes work together to protect customer data.

Back to Trust Center

Subscribe to our newsletter

Don't worry — we'll never spam you. We only send relevant news and updates that are worth your time.