At PandaHR, we prioritise the security and confidentiality of your data. Our comprehensive security measures are designed to ensure the highest levels of protection for your sensitive employee information.
Strong password enforcement: All users are required to create passwords with a minimum of 8 characters, including a mix of uppercase and lowercase letters, numbers, and symbols. This helps in safeguarding accounts against unauthorised access.
Password encryption: We use bcrypt for password encryption. This advanced security measure ensures that all passwords are stored in an encrypted format, enhancing the overall security of user accounts.
Customisable access controls allow you to define and manage who has access to various levels of information within your organisation. This granular control helps in maintaining the integrity and confidentiality of employee data.
We provide support for 2FA to add an extra layer of security to your account. This ensures that only authorised users can access sensitive information even if login credentials are compromised.
Our services are hosted on secure, cloud-based platforms with strict access controls. Only authorised personnel have access to production data. Our primary subprocessor, AWS, is certified under ISO 27001, SOC 2, and other industry-recognised standards.
We perform regular data backups to prevent data loss and ensure data availability in case of unforeseen circumstances.
All data in transit and at rest is encrypted using AES-256, providing an additional layer of security to your data.
We employ advanced monitoring tools to detect anomalies, prevent unauthorised access, and ensure quick response to potential threats.
Sensitive employee data, such as bank details and salary information, is protected with end-to-end encryption. This means that such data is encrypted from the point of origin to the point of destination, ensuring its confidentiality and integrity.
Our employees undergo annual security training to stay updated with the latest security protocols and best practices.
All employees sign confidentiality agreements as part of their employment contracts to ensure the safeguarding of any sensitive information they might handle.
We conduct regular security audits and penetration testing to identify and address potential vulnerabilities proactively.
We collaborate with DarkShield, our preferred cybersecurity partner. DarkShield conducts periodic penetration tests, security assessments, and provides expert guidance to enhance our security posture.
We have a robust incident response plan in place to address potential security breaches:
If you suspect a breach or security incident involving your account, please contact our security team immediately at [email protected].
Our data centres are protected with advanced physical security measures, including:
We carefully vet all subprocessors to ensure they meet our stringent security and compliance standards. Subprocessors are required to:
Our subprocessors include:
We recommend the following practices to enhance user security:
We are committed to maintaining the highest standard of security. If you have any security-related questions or wish to report a potential vulnerability, please contact our security team at [email protected]. We appreciate the efforts of researchers and users who help us strengthen our platform's security.