Keeping your data secure and available
Keeping your data secure and available is the most important thing we do for our customers, our employees and our shareholders.
Security by Design
All aspects of the Payzaar platform have been designed with security to the fore from the application's role based access controls and application security provisions, secure software development policies, selection of Microsoft Azure as the hosting provider and operation controls around the production environment including business continuity measures.
Payzaar is ISO27001:2013 Certified
Our ISMS is based on the ISO27001 (2013) framework laying out our policies and procedures with respect to all aspects of Information Security. These are fully integrated with our risk management, asset monitoring, and incident management systems to give us real time vision of our assets and potential exposures.
First Line of Defence
Our people are HR and Payroll industry veterans with keen awareness of how critical information security is for our business success. We retain expert advisors who support us on information security policy design, procedure design, as well as ongoing training to ensure that our team is up to date with best practices and continually reflecting this in our ISMS.
Business
Continuity
World-Class Hosting
Payzaar hosts with Microsoft Azure in the European Union, Azure is a SOC 1 Type I and SOC Type II certified hosting service supporting hundreds of thousands of organizations worldwide. 90% of Fortune 500 companies use Microsoft Azure. This provides us with strong physical and logical security as well as business resilience capabilities.
Resilience
We operate a fully redundant infrastructure across several data centers and automatically back up our environments every day to remote and secure secondary recovery sites. We target system availability of 99.5% or better.
Information
Security
Access
Control
Access to production systems is strictly controlled, all access is logged and audited in line with our access control and change management policies contained within our ISMS. Development, test and production are fully segregated.
Application
Security Features
- Two factor authentication, strong passwords, and configurable password lengths
- Idle session duration settings
- Deterrents for brute force attacks
- Encryption for all data in transit and at rest
- Role-based security to ensure that you grant the correct level of access to the right individuals within your organization.
Independent
Penetration Testing
Payzaar employs industry leading independent penetration testers to subject the application to rigourous automated and manual tests in line with industry standards such as OWASP Top 10.In addition the application is also subject on ongoing automated vulnerability scans to detect and alert of any potential issues.
Data Privacy
We host our environments in the European Union and do not transfer your data out of the European Union to other third-party hosting providers.
The only people that will move your data are your employees during the normal course of their work. We are governed by Irish and EU data protection legislation and are compliant with GDPR Regulations, effective May 2018.