At OpensoftHR, we prioritise privacy and security and take all the necessary steps to ensure that your information is fully secure and protected. We are committed to the continual improvement of the information security of the OpensoftHR application, to ensure the utmost safety and ease-of-use for our customers. Our practices follow industry-set baselines and best practices.
- ISO Compliance (Operational Security & SOPs)
- Employee training & awareness in handling confidential data
- Physical Security, Cloud Security & Backup SOPs
- Software Development – Built in Security (3 examples)
1. ISO Compliance (Operational Security & SOPs)
OpensoftHR is proudly certified as compliant with ISMS ISO 27001: 2013. This is the most widely known information security management standard used by organizations to keep data assets secure.
Robust Security Management
OpensoftHR achieved these ISO certifications by developing and implementing a robust security management program to keep our customers’ data safe.
2. Employee training & awareness in handling confidential data
The OpensoftHR application is an all-cloud HR management SaaS platform available in both web and mobile formats (iOS and Android). Our services are built on a fully cloud infrastructure provided by Exabytes within the Singapore region using both multi-tenancy and multi-instance approaches. We employ redundancy measures to ensure high availability across our platforms.
Training and Implementation
We will conduct training for all new customers. During the training, we will share what you need to take note of to ensure that your employees’ data always remain confidential. We will also share how you can manage and control the access of different tiers of users.
After the training, our technical expert will help you with implementation to ensure that everything is properly set up and to prevent any loopholes.
If you or your HR Admin are unsure of anything, you can check the customer portal or reach out to OpensoftHR support via phone, email, chat or telegram. This ensures that you always get the help you need to handle your confidential data.
3. Security by Design, Cloud Security & Backup SOPs
Security by Design
Security is an important topic, especially when OpensoftHR is built as a cloud-based HR system. That is why it is important to share about the steps we take to ensure the safety of
our clients’ workforce information. Firstly, the multi-tier architecture that OpensoftHR is modeled in, eliminates the single point of failure locations within the application, and helps
to enhance a secure web application architecture, with each tier including a number of security mechanisms. Additionally, we use industry-standard scanning applications to test products for vulnerabilities, such as an SQL injection attack, every 6 months.
We engaged Exabytes as a cloud service provider to host and store OpensoftHR’s Cloud HR Software and Database. The data center is located in the South East Region, primarily in Singapore and Malaysia. The Exabytes Malaysia Data Center has multiple backbones from Tier 1 ISPs which allow global reach and QOS. It is the only IP transit service in Malaysia that provides SLAs. Connected with good latency to major destinations worldwide and an estimate of 0.01% packet loss rate across the network. The various environmental aspects of the data center including power, cooling, fire suppression and security are looked after by a central management system. The Exabytes Malaysia Data Center NOC monitors this system 24x7x365.
Data stored in OpensoftHR applications have encryption in place. Privilege rights on visibility are granted to only relevant staff who are involved in the setup and configuration of OpensoftHR applications in the cloud server. As our business continuity plan looks into ensuring services are available at all times, we offer services to backup data files for up to 12 months at any given time.
4. Software Development – Built-in Security
2-Factor Authentication (2FA)
OpensoftHR applications are built in with an automated password expiry that prompts a user to change their password after a defined period of time. This will ensure an adequate level of password security at all times and minimise risk of unauthorised access through hacking.
Role-based Access Control
Employee data can only be accessed by an assigned administrator with specific roles. This is to ensure that confidential data will never be shared with the wrong personnel.
Fully Cloud Infrastructure
The OpensoftHR application is an all-cloud HR management SaaS platform available in both web and mobile formats (iOS and Android). Our services are built on a fully cloud infrastructure provided by Exabytes within the Singapore region using both multi-tenancy and multi-instance approaches. We also implement redundancy measures to ensure high availability across OpensoftHR platforms.
Using the Productivity Solutions Grant, companies may receive up to 70% funding for the purchase of OpensoftHR. Eligible employers for SkillsFuture Enterprise Credit (SFEC) will receive a one-off $10,000 credit to cover up to 90% of the out of pocket expenses on qualifying costs.
For more information, please contact us or refer to the HRMS package.