TRUST

Talentpay adopts industry best-practice for the security of your data and trust in our services. Throughout the PURMSec SaaS solution, security is our main concern, especially when it comes to Personally Identifiable Information (PII) and protecting the integrity, confidentiality and availability of your data.

Security

The PURMSec SaaS solution is hosted on Microsoft Azure using best-practice standards for secure environment configuration and network communications. The PURMSec solution is monitored 24x7x365 for network intrusions, downtime, instability, capacity fluctuations and similar concerns, to ensure the PURMSec service remains highly available. Databases are hosted on Microsoft Azure SQL utilizing best-practice for database backups and redundancy, including warm fail-over to a distinct geographical region. All data is encrypted at rest within the PURMSec SaaS solution.

Authentication and audit controls

PURMSec provides administrative controls to enforce organization-wide protection, such as SAML SSO and enforced 2FA. The PURMSec solution provides extensive audit controls and logging throughout the software and network infrastructure to provide evidence of user activity and access to the PURMSec SaaS environment.

Network Transport Security

Data is encrypted while in transit from the PURMSec servers to your location using HTTPS with SHA256 RSA 2048-bit strength encryption. Data is also encrypted while in transit within the PURMSec Microsoft Azure network using TLS 1.2 on HTTPS endpoints.

Security of Personally Identifiable Information (PII)

Personally Identifiable Information (PII) is treated with significant care within PURMSec. While all data transported and held within PURMSec data stores is encrypted, both in transit and at rest, PII is further encrypted prior to storage within the PURMSec solution, to ensure that it is not exposed during data layer attacks. Security and privacy of PII data is also handled with special consideration and care within our software development life-cycle and support processes as part of our overall, holistic Secure Software Development Life-Cyle (SSDLC) approach.

Security Operations

Our security team adopts a holistic security approach, based on industry best practice and using a common controls framework. We perform rigorous security testing of our platforms and solutions regularly, and conduct third-party audits to help ensure the best possible security practice to safeguard your data. Talentpay incorporates security integrally within our SSDLC and supporting services to ensure that every stage of design, development, quality assurance, deployment and operations adhere to strong controls to safeguard data and systems used in the PURMSec SaaS lifecycle. Our security incident management team review, document, mitigate and resolve any security issues quickly as they arise. Any significant security incidents will go through our escalation processes to ensure you are notified of the issue and of the steps being taken to rectify and mitigate the concern.

Reliability

PURMSec is designed for high performance, availability and reliability. PURMSec is developed and provisioned on best-in-class technologies, such as the Microsoft Azure platform. This allows your organisation to scale with confidence.

Availability and continuity

We provide high levels of availability, with fail-over to geographically dispersed data centers. Physical access to our data center controls are strictly controlled and monitored, with comprehensive security measures adopted by our data center and cloud infrastructure hosting partners. PURMSec is hosted on Microsoft Azure which provides significant measures to ensure high availability, integrity and continuity of services.

Privacy

We are committed to protecting your privacy. Privacy of your data is maintained through our PURMSec software development life-cycle, service operations and provisioning operations. We strictly control and monitor access to data and its visibility to ensure that your data remains private. Our Privacy Policy is available at www.talentpay.com/purmsec/privacy.

Sub-processors

To support delivery of our services, Talentpay may engage and use data processors (“Sub-processors”) with access to certain personal information. These external service providers help us to provide the PURMSec service to you, and may as part of their service have accessibility to personal information. The following table identifies the sub-processors we use, along with their role.