Security and Trust

The responsible management and protection of your data is our foremost priority.  Our systems are designed with data privacy in mind and upgraded on a regular basis to ensure compliance with the latest in data security.

Organizational Security

Our commitment to information security is built into our management and organizational design. Our dedicated security team continuously monitors and addresses potential security threats and our entire staff completes Security Awareness training on an annual basis.

Architectural Security

Data is kept confidential and secure using the highest encryption standards. Our application security is tailored to our organizational structure, with distinct access and security measures for our employee roles. We employ Transport Layer Security (TLS) to protect our users as they access our sites remotely, as well as CAS SSO login for application and IP control for enabled clients. For our data-at-rest encryption, we deploy AWS RDS to encrypt the database as records are being written to storage, ensuring that the data we handle in all forms is secure and backed up appropriately.

Architectural Security

Data is kept confidential and secure using the highest encryption standards. Our application security is tailored to our organizational structure, with distinct access and security measures for our employee roles. We employ Transport Layer Security (TLS) to protect our users as they access our sites remotely, as well as CAS SSO login for application and IP control for enabled clients. For our data-at-rest encryption, we deploy AWS RDS to encrypt the database as records are being written to storage, ensuring that the data we handle in all forms is secure and backed up appropriately.

Operational Security

We ensure operational security across our physical, network and application systems.  ePayslip operates according to global standards, including ISO9001, ISO27001, ISO27017, ISO27018, PCI DSS Level 1, SOC 1, SOC2, SOC3, Singapore Cloud Security Standard (MTCS SS 584) Level-3 (CSP) and OSPAR. Furthermore, our network is protected by a next-generation firewall and Intrusion Protection System, which we test bi-annually with a vulnerability scanning exercise.  Our applications are similarly designed with security in mind and follow best practise frameworks. We utilise Spring Security, in addition to password encryption in our database, with a password renew policy set for every 90 days. Our payslips and reports are also password encrypted and we perform rights-access checks for any user activity in our applications.

Compliance

Our platform is designed with built-in security measures and to comply with the high security standards of the organisations we serve.  Our built-in granular access controls and detailed audit logging capabilities capture changes and access by all our users. For our payroll, we also practice auto-regulatory compliance to the complex statutory rules or changes across all our locations.

Compliance

Our platform is designed with built-in security measures and to comply with the high security standards of the organisations we serve.  Our built-in granular access controls and detailed audit logging capabilities capture changes and access by all our users. For our payroll, we also practice auto-regulatory compliance to the complex statutory rules or changes across all our locations.

GET STARTED

If you’re considering ePayslip or have any questions about our services or products, we’d love to hear from you.

FOLLOW US