We take the security of your data very seriously.

We secure the software with a multi-layered, best-in-class approach.

 
 

All connections between user browsers and the application servers are via 256-bit SSL encryption with only the latest cyphers.

SSL (HTTPS)

Add multiple administrator accounts, restricting access to relevant areas of the admin portal. All access is logged for a minimum of 90 days.

Access-controlled admin

 
 
 

All back-end access requires two-factor authentication. You can choose to require this level of security for all admin users.

Two-factor authentication

 
 

You can choose a low, medium or high password complexity for your employees or you can implement Single Sign-On with SAML for maximum security.

SSO and employee password policies

 
 

All data files uploaded are encrypted with client-specific keys using AES-256 which are regularly rotated.

File encryption

 
 

Development, staging and production environments are physically and logically separated, with no real customer data loaded to the development or test environments.

The development team are fully trained and updated on the OWASP Top 10 security flaws, and we conduct frequent vulnerability scanning of the web application.

Source code repositories undergo regular scheduled security scanning by static code analysis tools.

Secure development

 
 

Application is third-party penetration tested once a year with results available upon request.

Third party auditing

 
 

Secure cloud hosting.

We host where the world’s biggest online services hosts. Amazon Web Services (AWS) is home to NASA, Netflix, Expedia, Pinterest, Slack, Goldman Sachs, Workday, Zendesk, Reddit, Airbnb - and your future employee recognition program.

In addition to the high-level AWS security controls, all web servers are physically and logically separated from customer data on our database servers. Firewalls and intrusion detection systems protect our application and database servers, all monitored 24/7. Only those who require access are granted access rights with all activity monitored and recorded.

Employee recognition program secure cloud hosting

Read more about the AWS hosting service, access controls, reliability and disaster recovery here and more about security here.

 

Get started with recognition software that passes all the tests.