intelliHR treats the protection of customer data as critical. We guarantee the integrity, confidentiality and availability of our customers' data by implementing best practice security controls and policies.
Your team may have questions beyond the data security overview we have previously provided. This article is designed to provide answers to those frequently asked questions.
How important is security to intelliHR?
The answer is of course VERY.
From owning, storing, transferring, accessing, backing up, monitoring, to testing & reviewing our security procedures, every aspect is covered to meet industry best practice standards.
Is my data secure?
IntelliHR takes data security seriously and invests in protecting your data. We put security measures in place and maintain policies and procedures to comply with required data security standards, and we continue to take all the necessary measures to improve our information security level. IntelliHR operates from AWS servers which have extensive security certification detailed here. We will never sell, share or otherwise distribute Personally Identifiable Information, except as required of us by law enforcement agencies. We do use internally anonymised data to support our product development and improvement processes and to produce aggregated statistical data benchmarks. Neither of these uses exposes any risk of personal identification.
Who owns our data?
Where and how is our data stored?
All your data is stored within the Sydney Australia region, using Amazon Web Services (AWS), one of the world’s leading cloud-based services. AWS is used by millions of businesses from Airbnb, to Capital One and Netflix. They provide the same advanced security features at all of their locations world-wide and are compliant with many security programs including the ISO 27001 Standard.
We are obsessive about encryption: we encrypt all data in transit and at rest, in all services. We protect these encryption schemes by using AWS managed security such that none of our engineers have access to the private keys. We use AES-256 based encryption keys.
My team is impacted by GDPR. Do you support that?
For customers seeking to comply with GDPR: as we are Australian-based, we will require your data to be transferred outside the European Economic Area (EEA). For our part, we will take all steps reasonably necessary to ensure that your Data is subject to appropriate safeguards in line with our obligations stipulated in Clause 8.5. As part of our contract we will be seeking your approval for this data transfer. We will seek similar transparent consent as part of the agreement your Team will complete during their first login. It is well accepted that Employers have a legitimate interest in collecting data relating to their team members' employment, so this is something we present transparently to your team members, along with the need for you to retain some of this information even after their departure.
Is the transfer of my data secure?
We always use SSL for all transit of data (including internal inter-service communication), a minimal set of open ports (basically just HTTPS and VPN) and a defence-in-depth strategy where we assume edge-facing services could become compromised and that internal services need to be just as hardened as external ones (we treat everything as if it were on the public internet).
We limit the duration of IntelliHR sessions and will automatically log you out after a certain time. We also support and encourage the use of two-factor authentication.
Who can access my data?
Your team – will have access to the data, using intelliHR credentials that you will manage, or via SSO (SAML 2.0). You can control who can view, edit, upload and download any information or document based on their configured access. We also recommend and support the use of two-factor authentication.
Our team – a small number of authorised IntelliHR personnel as defined in our security policy can gain access to your data. Any IntelliHR team member doing so will be performing specific (auditable) tasks on your request via our support desk.
Should we expect downtime and is data backed up?
All data is hosted by the world-class Amazon Web Services (AWS) infrastructure across three data centres in Australia. intelliHR has multiple disaster recovery methods such as 6-hourly and daily recovery points. Since 2017 intelliHR has achieved 99.99% uptime. Availability is further strengthened by zero downtime during deployment of the majority of updates.
Our servers are automatically deployed in line with load to ensure optimal performance. Australian data centres back up your data at least once a day and your data is fully restorable within a reasonable time in the unlikely event of a problem.
How do you monitor activity in intelliHR?
We log web server traffic metadata including source IP, user and URL but without data payload. Changes in our database raise events which are logged. The availability and performance of the application are continuously monitored to ensure extremely high uptime and immediate response to any failure. To protect the privacy of your data, these logs are only available to senior engineering staff for troubleshooting application issues.
How do you use our data other than providing us with a service?
We use anonymised data to support our product development (internal use only) and calculate broad statistical benchmarks (that can in no way identify an individual or Customer). IntelliHR confirms that all data used will be “Anonymised” for this purpose and therefore cannot be personally identified in any way. We also track customer interactions with our system. This information is useful to understand how effectively certain product features are operating, particularly from a User Interface perspective. These insights are critical to helping us develop the best possible product experience for you, and our approaches are best practice for advanced SaaS developers.
How do you test and review your security so that it is always up to scratch?
We have developed a hardened application and infrastructure surface. We use external penetration testing to regularly test the attack surface of both our application stack and developer infrastructure. Our pen testing includes application credentials in order to explore session management and privilege escalation scenarios.
FAQs from IT Departments
If you're storing multiple tenants within your cloud infrastructure, what security measures prevent one customer accessing another customer's data? Is our data segregated from other customers?
Depending on the data model, we use either schema-level separation or a tenant key to ensure data queries cannot expose data across tenants. We treat the code that controls tenant segmentation as critical, with extensive code review for any changes. We also ensure our development culture is incredibly focused and educated on any potential cross-tenant leakage possibilities.
How are you sure that new code releases do not have negative impacts upon security?
We rely on infrastructure as code and highly automated development pipelines. We only deploy changes to production via automation. This allows us to test and predict the outcome of any change in our staging environment and utilise automatic testing to provide a very fast, very reliable QA and deployment process. This speed and reliability allow us to be aggressive on updating web application dependencies to close vulnerabilities as soon as they are discovered and patched. In the modern web development world this is critical due to the number of third-party dependencies that every library requires.
What data loss prevention controls are currently in use?
Data in transit is always encrypted using TLS to prevent any man-in-the-middle attacks. Data at rest, including backups, is encrypted at all levels using AES-256 encryption, with keys managed by AWS. Backups are stored in a separate account and require MFA to access. In addition, annual penetration tests are conducted to explore possible privilege escalation and session management attack scenarios.
What other security measures do you have in place?
- All data is stored on AWS servers supported by advanced security features which are compliant with the ISO 27001 Standard.
- We have a hardened application and infrastructure surface and carry out third-party penetration testing of our system for known vulnerabilities.
- We support and recommend two factor authentication for all users.
- Code Reviews – every change undergoes a review and needs to be approved before it is uploaded to production. Changes are reviewed with security in mind.
- Developer education - we focus on making sure our engineering culture is one where the customer comes first and this includes protecting both their PII and business data at all times. We educate our developers on the top threats and employ rigorous code review practices such that no one developer can introduce changes without others signing off on it.
- Passwords – we require a strong password to connect to the application. Passwords are never stored in clear text and are always hashed and salted.
- Versioning – We have an automated system that ensures that the available system for our users is up to date.
- High availability – our system was designed to enable high availability; in any case of failure we can update our customers on a real-time basis.
What happens if there is a data breach?
In the event of a suspected data breach, we will act in accordance with our strict data security policies:
- We will undertake an immediate investigation to determine if a breach has indeed occurred and ensure any future data is secured.
- Within 24hrs of a breach being identified we commit to personally notifying the Customer’s affected key account contact.
- A formal report on the breach and resolution will be produced and provided to affected clients.
- All relevant authorities will be notified as required as part of this process.
- IntelliHR undertakes to co-operate with the Customer in their investigations of any such security breaches.
In addition to the above, intelliHR is Cloud SaaS, and our infrastructure is best practice. We achieve resilience through redundancy, which is provided by high availability, with multiple servers running at any one time. If one fails, there is an automatic failover to others with no disruption to customers. If you or your IT team require any further information, don't hesitate to contact us on 1300 993 803.