<img src="https://d5nxst8fruw4z.cloudfront.net/atrk.gif?account=8jsvn1QolK10Y8" style="display:none" height="1" width="1" alt="">
phone-big.png

Protect your data using the industry’s most stringent security guidelines

EmployeeChannel has a secure, enterprise-grade platform to protect your organization’s and your employees’ data. Data is fully encrypted at rest and in transit using 256-bit SSL encryption. We employ state-of-the-art firewall and backup technology, and your data resides in high-security, access-controlled data centers.

EmployeeChannel maintains GDPR and HIPAA Compliance and adheres to data privacy and security provisions within the HITRUST Common Security Framework.

We follow some of the most stringent security guidelines available today for

  • Storage of information
  • Transmission of information
  • User access and identity management
  • Secure IT infrastructure.
THE END-TO-END SOLUTION FOR WORKFORCE COMMUNICATION

As secure as the data in world-class healthcare, finance, and banking institutions.

Secure Storage

  • Employees’ personally Identifiable Information (PII) is stored and encrypted on Google Cloud Platform’s (GCP) Cloud SQL. GCP’s Cloud SQL includes a network firewall, requiring explicit control of network access to each database instance.
  • Access to data is further secured by GCP SQL Proxy software, limiting data access to a specific-machine based service account. The account’s encryption key is managed by GCP Infrastructure Key Management Service and is not stored on the server.

Secure Transmission

  • All APIs to retrieve employees’ personal information are secured using SSL/TLS1.2 security standards to protect against unauthorized interception of protected information.
  • All communications via your employees’ mobile devices (IOS/Android) are also encrypted using SSL/TLS1.2 standards, and protected information is never stored on a mobile device.

User Access and Identity Management

  • Employees can download and use your version of the EmployeeChannel app through an organization-unique invitation.
  • An employee’s user identity is authenticated via confirmation of information supplied by the organization, minimally two different types of unique identifiers (e.g., SSN, date of birth, etc.). Employees must then establish a password before accessing the application or any organizational or personal information.

Secure IT Infrastructure

EmployeeChannel servers are hosted with Google Cloud Platform’s (GCP) Infrastructure Service, a recognized leader in data information protection. CGP’s Infrastructure Service provides:

  • IP Reputation Management
  • Multi-tier, multi-layer denial of service (DoS) protections
  • Server-based security services, including a hypervisor embedded stateful network firewall, a hardened operating system (selinux); patching for critical and security related patches, anti-malware protection; secure remote access and time synchronization
  • Remote access via dedicated VPN tunnels and L2TP/IPSec VPN connections
  • HIPAA/GDPR Compliant, HITRUST Certified IaaS.

More information about Google Cloud Platform’s Information Security can be found here.

EmployeeChannel also subscribes to Compliance Management, Vulnerability Management, and Application Security Scanning Services provided by leaders in Cybersecurity, including:

  • GDPR compliance assessment and validation
  • HIPAA compliance assessment and validation
  • Vulnerability Scanning for the latest known threats
  • SAST, DAST, and manual penetration testing

EmployeeChannel has been certified 100% HIPAA compliant by Coalfire, Inc. GDPR compliance will be completed by MAY 2018.

Additional information about these security services are available: Coalfire, Tenable.io, and Veracode.

Unleash the power and innovation of intelligent workforce communication.

Schedule a Call

Human Resources Today