People are at the centre of our Information Security Management System (ISMS). We are committed to the highest standards of protecting and safeguarding the data we are responsible for.
Our services are available via web browser, O365 plugin or mobile applications. All our web application architecture conforms to OWASP security practices. We provide SSO using the SAML 2.0 protocol, password management, audit tracing and logging, with 24/7 scanning and monitoring.
Our hosting partner is Amazon Web Services (AWS). Data is processed and stored on AWS servers located in Europe within a Virtual Private Cloud, with regular third-party vulnerability scanning and penetration testing.
We follow an Agile development methodology which is documented in our Software Development Lifecycle Policy. All data is segregated using separate development, preview and production environments.
All customer data is encrypted both in transit and at rest using industry best practices. For data in transit, the application is available only over TLS 1.2 connections (HTTPS). Data at rest is encrypted by default with the industry-standard AES-256 encryption algorithm.
Customer data can be integrated via either the SCIM API or SFTP file upload, and integration is available with all major HR and ERP platforms.
All systems and applications are regularly monitored with automated tools and kept up to date with the latest security patches in accordance with our internal system change control and management policy; any critical patches are deployed immediately.
Data Compliance – Our Data Processing Agreements and legal contracts clearly articulate obligations of our customers as data controllers and obligations of Our Tandem as data processor with legal commitments on how we will process and protect customer data.
Data Storage – All EEA data is stored and backed up in EEA data centres, and all our sub-contractors follow GDPR principles.
Data Breach – We investigate any potential data breach immediately and notify the appropriate data regulator of any security breach we become aware of within 72 hours.
Rights of Data Subjects – Our Tandem has processes in place to facilitate the rights of data subjects in line with GDPR.
Availability – We commit to maintaining a minimum availability of 99.5% uptime.
Incident Response – Our Business Continuity Plan (BCP), Disaster Recovery (DR), Data Backup and Incident Management approaches are in line with the ISO 27001 framework.
Logging & Monitoring – All logs are stored in AWS CloudWatch, with automatic backups to S3, and retained for inspection. All administrative access and activity is traced and logged using AWS CloudTrail.
Some of our market-leading functionality which puts customers in control of their data includes: