Data Security
Keeping the personal and sensitive data we hold secure is our number one priority
How do we ensure the security of your data?
Although so much of our daily activities are now transacted online, there is always a fear that that data can be compromised, and when you are dealing with personal and sensitive pay data, security is paramount.
As a provider of not only ePayslips but also payroll outsourcing, we have established a water-tight framework of policies and security procedures that include all legal, physical and logical controls.
ISO/IEC 27001 Certification
We hold ISO 27001:2013 as our Information Security Framework. This is the highest accreditation and is designed to maintain the confidentiality, integrity and availability of information assets and provide effective risk management.
In short, ISO 27001 demonstrates that we are externally audited and recognised as following information security best practice for the protection of your data.
ISAE 3402 External Audit
As an additional level of external audit, we also undertake an ISAE 3402 Type II Service Organisation Control report. In a nutshell, this is carried out by independent auditors.
Employee authentication and verification
For your employee's peace of mind, our web-app allows the use of Multi-Factor Authentication (MFA), and we have incorporated biometric login options (fingerprint and face recognition) to access our mobile app.
MFA is available using a choice of apps which include Google Authenticator and Duo, to name but a few.
During employee activation, we engage in a multi-stage verification process that ensures the validity of an employee's identity before access to the ePayslips account is granted.
We are also able to provide Single Sign-On (SSO) to our employee platform using SAML 2.0. SSO works by transferring the users' identity from one place (the identity provider) to another (the service provider).
