Introducing FieldTwin 8.0: See our release video, and sign up to our webinar to see a live demo!

Security and Privacy at FutureOn

SOC 2 Type II Logo
ISO 27001:2022 Logo
GDPR Approved Logo

You’re entrusting FutureOn with your data, and we take that responsibility very seriously and it is our highest priority. See below just some of the measures we take to keep your data safe, prevent leaks and block unauthorized access:

Continuous vulnerability scans

Application security is of the highest importance at FutureOn. During our Software Development Lifecycle (SDLC) we continuously scan FieldTwin for zero-day exploits and known software vulnerabilities.

Regular third-party penetration tests

We’re committed to regular third-party penetration tests and code auditing, usually on a quarterly basis. We publish these findings with potential and existing customers.

Physical Security

All FieldTwin staging and production infrastructure is hosted in our Cloud Service Provider (CSP) environments. Therefore, all physical and environmental related controls which includes access to buildings are managed by our chosen CSP partners.

Our selected partners are certified to SOC1, SOC2, SOC3, ISO 27001, ISO 27017, ISO 27018 and PCI DSS.

Corporate Training

Every employee at FutureOn from Sales to Development, including contractors undergoes in-depth cyber security awareness, GDPR awareness and privacy awareness training on their first day.

We run regular internal training sessions and all employees must keep up-to date and have attended a refresher at least once yearly.

Access Management

FutureOn provides all of our clients, at no additional cost the functionality to implement Single Sign On using their preferred identity provider. We support Microsoft On-Premise AD, Azure AD, SAML 2.0 and OIDC.

We believe SSO is a core security requirement for any company, and is critical to IT and Security Teams to effectively manage user access.

Secure Hosting

We host FieldTwin data in state-of-the-art data centres, usually in Google Cloud, Microsoft Azure or Amazon Web Services. The location depends on the needs of the individual customer and applicable laws, but we are happy to deploy FieldTwin to the customers preferred location if it is available to us.

Highest industry standard encryption

We ensure encryption of all information while it’s in transfer and at rest. Data uploaded, created or stored in FieldTwin is considered customer confidential and customer owned. This data is protected in transit across public networks and encrypted.

All data transmitted between FieldTwin and a FieldTwin end user browser session is protected using TLS and HTTP Strict Transport Security (HSTS). 256-bit advanced encryption standard, with regular encryption key rotation.

We also allow customers to provide their own encryption key. We use strong 2048-bit keys for our SSL certificates, sign authentication tokens with SHA256 HMAC signatures and use BCrypt for password storage.

Further Reading

You can find more in-depth information about our Security and Privacy on this page.

You can also contact our security team by email at for any security related queries.

Are you ready to get started?

Smart solutions for the digital oilfield of the future.

Follow us

© 2024 FutureOn – FutureOn a.s., Rebel, Universitetsgata 2, 0164 Oslo, Norway. All Rights Reserved.