We’ve met or exceeded large financial institutions’ data security requirements – some of the most stringent in the world. Rest assured knowing you’re protected by the best protocols.
Physical Access Control
Entry to the workplace controlled by access devices. Payroll data servers hosted in Tier 3 data centers.
Security Task Force
Management oversight and approval for user access to all systems. Quarterly user access audits. Least privilege access model.
Send and receive data securely via the preferred Secure File Transfer Protocol (SFTP) or via FTP with Pretty Good Privacy (PGP) encryption. Email with PGP / Transport Layer Security (TLS) encryption capabilities.
Annual external network penetration testing. All network and server devices covered by continuous monitoring protocols.
Daily backups moved to encrypted tape. Tapes stored offsite. Annual archives retained.
SOC I Type II Certified & Privacy Shield Compliant
Our SOC I Type II reporting shows how we managed controls over time, for a more complete picture of our efforts.
Privacy Shield compliant means we are up to date with the most recent data privacy and security requirements of the European Union.
GDPR goes into effect May 2018. There are many changes organizations will need to consider carefully to make sure they are compliant by the effective date. The primary focus will be issues pertaining to communication, consent, privacy by design, providing a full audit trail, data exports and the new obligations on data processors. Learn more about preparing for GDPR.