Our customers are responsible for managing deeply personal HR information. Protecting this data is paramount – and as an HR software supplier, we take our commitment to security very seriously. Keep reading to learn how we help you protect your most sensitive HR information.
ISO27001 is the international standard for proving true commitment to strong information security management processes. We are proud to have been awarded with our ISO27001:2022 certification.
This is the latest standard, which replaces the old 2013 standard, and demonstrates our desire to stay ahead of the game and lead the charge in a world of modern HR management.
We use Microsoft Azure to host all live customer data. More specifically, our servers are all located within the “Microsoft Azure UK South” datacentre, meaning that your customer data is always safely stored within the UK – a key requirement of GDPR.
Microsoft Azure is renowned globally for its state-of-the-art cloud infrastructure, ensuring that your data resides not only in a secure environment, but also benefits from continuous enhancements in data protection and management technologies.
You can learn more about this certification by reading our blog post here.
In case of disaster at one of our data centres, we continually perform geo-redundant data backups. This means all your system data is constantly backed up to a totally separate UK site over 200km away. In other words, even if the entire UK South data centre got wiped out by a catastrophe, we would be able to immediately restore your vital HR data.
Our HR system has all of the necessary functionality for compliance with the UK GDPR and DPA 2018. This means, for example, when customers need to delete sensitive data, it is deleted in a way that complies with acceptable use guidelines. And with no data hosted outside of the UK, you can rest assured our obligations as a data processor are fully covered.
Some HR software companies still rely on a simple username and password system to control user access. This can expose sensitive data to security risks, through human error and leaked password information. At SenseHR, all account access is protected by two-factor authentication (via Single Sign On to your Identity provider), to ensure that nobody can log into a private file without proving who they are.
SenseHR runs on what is called a “single-tenanted” database. Unlike multi-tenanted databases, which many cloud-based HR systems run on, a single-tenanted database keeps your company’s data completely separate to everybody else’s. This means that your risk profile is greatly reduced – for example, in the event of a sensitive data leak, your data would be far less likely to be exposed to other clients. In contrast, on a multi-tenanted database, data leaks carry higher levels of risk, as multiple customers are sharing the same database infrastructure.
Single-tenanted databases also give you the benefit of increased performance and less downtime. This is because your database performance is not impacted by the activity of other users – for example, if Customer A runs a large report that is pulling information from thousands of data points, then it won’t slow down the performance of your own HR software account.
Book a 30-minute no-pressure demo with one of our experts.