TRUST
Talentpay adopts industry best-practice for the security of your data and trust in our services. Throughout the Talentpay SaaS solution, security is our main concern, especially when it comes to protecting the integrity, confidentiality and availability of your data.
Security
The Talentpay SaaS solution is hosted on Microsoft Azure using best-practice standards for secure environment configuration and network communications. The solution is monitored 24x7x365 for network intrusions, downtime, instability, capacity fluctuations and similar concerns, to ensure the Talentpay service remains highly available. Databases are hosted on Microsoft Azure SQL utilizing best-practice for database backups and redundancy. All data is encrypted at rest within the Talentpay SaaS solution.
Authentication and controls
Talentpay provides administrative controls to enforce organization-wide protection, such as 2FA. The Talentpay solution provides logging throughout the software and network infrastructure to provide evidence of user activity and access to the Talentpay SaaS environment.
Network Transport Security
Data is encrypted while in transit from the Talentpay servers to your location using HTTPS with SHA256 RSA 2048-bit strength encryption. Data is also encrypted while in transit within the Talentpay Microsoft Azure network using TLS 1.2 on HTTPS endpoints.
Security of sensitive information
Sensitive information, such as Tax File Numbers and bank account details, are treated with significant care within Talentpay. While all data transported and held within Talentpay data stores is encrypted, both in transit and at rest, sensitive data is further encrypted prior to storage within the Talentpay solution, to ensure that it is not exposed during data layer attacks.
Security and privacy of sensitive data is also handled with special consideration and care within our software development life-cycle and support processes as part of our overall, holistic Secure Software Development Life-Cyle (SSDLC) approach.
Security Operations
Our security team adopts a holistic security approach, based on industry best practice and using a common controls framework. We perform rigorous security testing of our platforms and solutions regularly, and conduct third-party audits to help ensure the best possible security practice to safeguard your data.
Talentpay incorporates security integrally within our SSDLC and supporting services to ensure that every stage of design, development, quality assurance, deployment and operations adhere to strong controls to safeguard data and systems used in the Talentpay SaaS lifecycle.
Our security incident management team review, document, mitigate and resolve any security issues quickly as they arise. Any significant security incidents will go through our escalation processes to ensure you are notified of the issue and of the steps being taken to rectify and mitigate the concern.
Reliability
Talentpay is designed for high performance, availability and reliability. Talentpay is developed and provisioned on best-in-class technologies, such as the Microsoft Azure platform. This allows your organisation to grow with confidence.
Availability and continuity
Talentpay is hosted on Microsoft Azure which provides significant measures to ensure high availability, integrity and continuity of services. Physical access to our data center controls are strictly controlled and monitored, with comprehensive security measures adopted by our data center and cloud infrastructure hosting partners.
Privacy
We are committed to protecting your privacy.
Privacy of your data is maintained through our software development life-cycle, service operations and provisioning operations. We strictly control and monitor access to data and its visibility to ensure that your data remains private.
Our Privacy Policy is available at www.talentpay.co.nz/privacy.
© 2022 TALENTPAY | PRIVACY | TERMS AND CONDITIONS | TRUST
Talentpay NZ Limited: PwC Centre, 10 Waterloo Quay, Wellington, 6011 , New Zealand