Take The Tour
We understand that security is imperative when it comes to protecting employee data and we want to assure you that everyone at BambooHR takes security seriously. Here are some of the measures we have taken to protect our systems and your data:
Our servers are located in a state-of-the-art data center, which uses biometric authentication, key card access controls, and constant video surveillance to protect the servers that store customer data. The data center also has a Network Operations Center (NOC) that is staffed 24/7.
Network and Application Security
The following processes have been put into place to protect your data from unwanted third parties.
- Application design. We've designed the system from the ground up with security in mind. By applying best practices in web application security, we prevent critical vulnerabilities.
- SSL. We use 256-bit SSL encryption to protect information as it travels between the customer's browser and BambooHR.
- Strong encryption. Especially sensitive information (social security numbers, driver license numbers, etc.) is encrypted in our database using Advanced Encryption Standard (AES).
- Firewall. Our application, including our customer's data, sits behind a firewall.
- Vulnerability scanning. Our servers are scanned regularly for vulnerabilities by a reputable third party.
- Intrusion detection. Our servers and all traffic are monitored by an intrusion detection system (IDS).
All your data is backed up nightly in two distinct geographic locations. Backups are encrypted and transferred over SSL to protect the data in transit and at rest.