Why secure software design matters
When selecting any online HR system, it’s important to consider both the hosting environment and the design of the software application. A software vendor can choose to host their system in a world-class hosting facility, and benefit from all of the advanced infrastructure security and certifications that the hosting provider has to offer. However, if their own software application hasn’t been designed with security at its heart, their system is still going to be vulnerable, and that means your data will be too.
As a team, we have a long history of developing and delivering HR software solutions to customers of every size and in virtually every industry sector – including many of the world’s most demanding organisations. We know what it takes to deliver robust, secure, international HR systems across the internet. We not only design for security, but also have regular penetration testing by an expert third party in place, so you can be sure that our security is independently validated, and our system really does meet the high standard of security your HR data demands.
Security at every level
Cezanne HR is designed around a multi-tiered architecture that is recommended for web-based applications. The architecture partitions application functionality into independent layers: the presentation layer (or browser client), the business logic (application server) and the data layer (database).
The presentation layer never communicates directly with the database layer. All communication is performed via the business logic, which provides its own security checks before permitting access to the data. This prevents requests from a web browser going directly to the database. The application also verifies the user role at every request.
The service makes use of strong encryption to protect customer data (which is stored on an encrypted file system) and communications, including SSL Certification from Network Solutions. SSL (Secure Sockets Layer) is the standard security technology for creating an encrypted link between a web server and a browser. You will know you have created an SSL link when the URL is in green, begins with “https://” and there is a padlock symbol either at the beginning or end of the URL.
Secure mechanisms are used to verify the identity of users attempting to access the system. In order to access the system the user must either enter a username (e-mail address) and password or authenticate through an approved Single Sign-On (SSO) provider.
Passwords are protected using sophisticated hashing and salting techniques; Cezanne HR only ever stores hashes of passwords, never the passwords themselves.
You can set rules in the system to enforce a strong password policy, including:
- Mandatory inclusion of at least one upper and lowercase letter, one number and one symbol.
- Minimum and maximum password length.
- Expiry dates with reminders.
- Password history to prevent users re-using their passwords within a customer-defined period.
- Maximum number of failed login attempts before the account is temporarily locked.
You can also choose which, if any, of the SSO options – e.g. Google, Microsoft, Twitter, Facebook and OpenID – are available to your users. Only identifiers that are secured with SSL can be used when the OpenID SSO option is enabled.
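An added example (not Cezanne HR's code) showing how salted password hashes support the password rules described above: composition, length, history and lockout are all enforced while only salts and digests are stored. PBKDF2-HMAC-SHA256, the limit values and every name below are assumptions; history is simplified to a count rather than a period, and expiry and lock timers are left out.

```python
import hashlib, hmac, os, re
from dataclasses import dataclass, field

# Hypothetical limits; on the page these are customer-defined settings.
MIN_LEN, MAX_LEN, HISTORY_DEPTH, MAX_FAILURES = 10, 64, 3, 3
ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256

def hash_password(password, salt=None):
    """Return (salt, digest); a fresh random salt is drawn for new passwords."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

@dataclass
class Account:
    history: list = field(default_factory=list)  # [(salt, digest)], newest last
    failures: int = 0

def policy_errors(password, account):
    """List which rules a candidate password breaks."""
    errors = []
    if not MIN_LEN <= len(password) <= MAX_LEN:
        errors.append("length")
    classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    if not all(re.search(c, password) for c in classes):
        errors.append("composition")
    # History check without plaintext: re-hash the candidate under each
    # stored salt and compare digests in constant time.
    for salt, digest in account.history[-HISTORY_DEPTH:]:
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            errors.append("reused")
            break
    return errors

def set_password(password, account):
    errors = policy_errors(password, account)
    if not errors:
        account.history.append(hash_password(password))
    return errors

def login(password, account):
    if account.failures >= MAX_FAILURES or not account.history:
        return False  # locked (or no password set): refuse before hashing
    salt, digest = account.history[-1]
    ok = hmac.compare_digest(hash_password(password, salt)[1], digest)
    account.failures = 0 if ok else account.failures + 1
    return ok
```
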
We have chosen to host your Cezanne HR software service within Amazon’s AWS European data centres. AWS is acknowledged as a world-leading Cloud Infrastructure as a Service provider. Its data centres are proven, secure and reliable and their certifications cover ISO27001, SOC 1/SSAE 16 (previously SAS70), SOC 2 and more. The AWS infrastructure also has a number of built-in security features, such as distributed denial of service (DDoS) protection and password brute-force detection on AWS accounts.
In addition, our contract with AWS states that they will not move any content from the European region without first notifying us. If this happens we will, of course, both notify you and take steps to ensure your content remains within the EU. This is especially important in the light of the ruling on October 6th 2015, when the European Court of Justice determined that the 15-year-old US-EU Safe Harbor framework is no longer valid for the transfer of personal data from the European Economic Area (EEA) to the US.
For further information about AWS EU data protection compliance please visit https://aws.amazon.com/compliance/eu-data-protection/
Inside the AWS environment, the systems are further safeguarded by firewalls between layers, IP and port restrictions, private subnets and network routing restrictions.
Operating system instances are hardened by disabling or removing any non-essential tools, utilities and other system administration options that might provide potential backdoor entry to the system, and by disabling or removing any unnecessary users, protocols, and processes. Our installation and configuration procedures are based on industry-recognised standards and tools.
Cezanne HR does not have physical access to the data centre or physical machines as this is prohibited by Amazon. Cezanne HR can access the virtual machine instances for the purpose of maintenance, applying security updates, monitoring and ensuring backups are running successfully. This is limited to Cezanne HR’s Managed Services team.
When purchasing a Software as a Service (SaaS) solution, it is critical that the service is resilient and reliable. To ensure high availability the Cezanne HR software service includes:
- Installation in multiple EU data centres – your Cezanne HR software will continue to operate if a machine or data centre fails.
- 24-hour monitoring – the availability of the system is monitored continuously and an alert sent to the support team if a problem occurs.
- External monitoring from locations around the globe to alert Cezanne HR to unexpected latency or DNS problems.
- Monitoring of resources including CPU, disk and memory usage so we can scale as and when required.
Cezanne HR and GDPR
While the GDPR introduces a major overhaul of the European data protection regulation, the key principles of the GDPR are the same as those that have been in place since the introduction of legislation based on the European Directive of 1995.
The basic principles that establish when processing of personal data is lawful and that require the implementation of appropriate technical and organisational measures are not materially modified by the GDPR.
Having reviewed the technical and organisational data protection measures implemented by Cezanne HR to protect personal data processed by and for our customers within the Cezanne HR system, we can confidently assert that the substance of such measures is already in line with the GDPR security requirements as outlined in articles 25 and 32.
However, the GDPR introduces a number of more formal compliance requirements, aimed at ensuring that the substance of data protection is not diluted by practices that are not sufficiently formalised. From this point of view Cezanne HR is currently working towards compliance in a number of ways:
- To comply with the provision of article 28.3, we are working on a standard Data Processing Agreement (DPA) to be executed between Cezanne HR and each of our customers, that defines in detail “the nature and purpose of the processing, the type of personal data and categories of data subjects and the obligations and rights of the controller”.
- To comply with the provision of article 28.4, we are reviewing the agreements we have in place with those suppliers that could be deemed subcontractors in processing personal data on behalf of our customers, ensuring that appropriate agreements are in place.
- To comply with the provision of article 37, we are considering the designation of a data protection officer within our organisation.
- To ensure that the security of processing, as outlined in article 32, is based on properly documented policies, processes and procedures within Cezanne HR, we are reviewing all our internal process documentation.
None of these steps will substantially enhance the level of security that is already in place as a key design feature of the Cezanne HR architecture, but the higher level of formalisation will increase the level of comfort for all those involved. Customers can rest assured that we will be compliant with GDPR before it comes into effect in May 2018 and that we constantly monitor and review all the aspects of data security to make it stronger.
Other useful articles
HR data and GDPR: Informed consent (and why not to rely on it): published on HRZone June 2017
Why you need to know who hosts your HR software: what you need to know about hosting facilities and European data protection legislation
Why roles-based security matters: keeping HR safe while ensuring everyone has the information they need
Please note: The information on this page relates to the modules developed by Cezanne HR. It does not cover third-party modules marketed by Cezanne HR that may have a different hosting and security architecture.
The use of Cezanne HR’s software service is subject to the terms and conditions of the Cezanne HR subscription agreement. Cezanne HR reserves the right to modify its security infrastructure in accordance with this agreement. Please contact us if you would like a copy of this agreement.