We know you’re trusting Workforce Kinetics with your organization's data, and we take that responsibility very seriously. That’s why we practice Defense in Depth, a principle focusing on multiple layers of security controls, as well as Zero Trust, a security model developed by industry leaders to secure resources at the system level rather than focusing on perimeter defense. We keep your data locked down at every level, and we take multiple measures to ensure it stays that way. Here are just some of the measures we take to prevent data leaks and unauthorized data access:
- Active bug bounty programs.
- Frequent vulnerability scans.
- Web application firewall using Cloud Flare.
- Annual third-party SOC II security audit.
- Input validation.
- Annual third-party penetration test.
- Continuous security management and monitoring.
- Strongest industry standard encryption.
- Native Multi-Factor Authentication available to all Workforce Kinetics customers.
- We understand that security is more than just creating a secure application—it involves monitoring, improving, and remaining vigilant against risks both internal and external.
We can provide additional information, including compliance reports and attestation letters, upon request.
Our customers’ data is hosted in the United States, Canada, or Ireland, depending on the location and needs of individual customers and applicable laws. All information is encrypted in transfer, and certain sensitive fields are encrypted at rest. In addition, the data center located in Ireland meets all of the data requirements of the European Union, European Economic Area, Switzerland, and the United Kingdom.