Rest easy knowing only authorized users can access certain info.
We know how critical it is to keep certain information private. Our robust permissions system was designed around all roles and responsibilities, giving you flexible access control that is easy to configure. We also allow for you to stay data compliant while maintaining stable access to the tools you need.
- Workpop servers are hosted on Amazon Web Services (AWS), Google Cloud Platform (GCP), Compose, and Meteor Galaxy. Compose and Meteor Galaxy are also deployed on AWS. AWS is accredited under these certifications. GCP is accredited under these certifications.
- Access to Workpop servers and databases are firewalled from the internet using AWS Security Groups.
Credit Card Data
- The Workpop Platform does not store credit card information. All credit card data is handled by our payment processor, Stripe, which is certified to PCI Service Provider Level 1.
Encrypted Data Transmission
- The connections between Workpop servers and website and mobile apps are encrypted using HTTPS and TLS with only secure, modern cipher suites allowed. The Workpop HTTPS setup receives a grade of “A” from Qualsys SSL Labs test.
- Connections between services internal to the Workpop Platform are also encrypted using HTTPS.
Encrypted Data Storage
- Sensitive user personally identifiable information is encrypted at rest within a Workpop database. Each user’s data is encrypted using a separate, user-specific AES 256-bit key managed by AWS Key Management Service.
- Completed HR documents are stored in an access-controlled AWS S3 bucket. Documents within S3 are encrypted at rest using AWS S3’s Server Side Encryption (AES-256) Access to documents is granted to authenticated and authorized Workpop users via a signed, limited-duration URL.
Internal Access Control
- Workpop follows least-privilege principles and restricts staff access to internal systems and user data as required by their role and duties.
- Workpop maintains automatic backups for four weeks.
- Workpop servers are distributed across multiple AWS Availability Zones (AZs) to boost resilience against faults in any one data center.
3rd Party Access to Data
- Workpop takes privacy and data security very seriously. Your information is never sold to any third-party and is inaccessible to any user unless you have explicitly given permission (ie: applied to an employer's job). When you apply for a job, you give the employer access to your Workpop application, phone number and email address, as well as your resume, if you chose to upload one.