Network and application security

 

Data Hosting and Storage

BitaBIZ services and data are hosted at:

  1. Microsoft Azure in the EU
  2. Hestner online in the EU

 

Virtual Private Cloud

All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests from reaching our internal production environment. Login to our production environment is only possible via Dome9, which provides audit logs for all activity.

Our VPC is protected by the Cloudflare web application firewall (WAF), which protects BitaBIZ against all important safety risks. The BitaBIZ WAF is certified by the PCI Security Standards Council.

BitaBIZ is delivered via the Microsoft .NET technology platform. Our Microsoft resources, such as MS SQL, are always updated with the latest security updates.

 

Backup

BitaBIZ has an automated backup solution implemented. Backup runs every 24 hours.

 

Encryption

All data sent to or from BitaBIZ is encrypted in transit using 256-bit encryption.

Our API and application endpoints are TLS/SSL only.

This means BitaBIZ has HSTS fully enabled.

 

Pentests and Vulnerability Scanning

BitaBIZ uses third-party security tools like BlackstoneONE to continuously scan for vulnerabilities.

 

Platform monitoring

BitaBIZ uses New Relic real-time platform monitoring. This enables us to monitor performance and quickly identify errors.

Product security

 

SAML 2.0

Single Sign-On (SSO) allows your company to authenticate users in your own systems without requiring them to enter login credentials into BitaBIZ.

 

SCIM

User provisioning allows your company to control and manage user creation and access control from your own systems.

 

User role Permissions (privacy by design)

BitaBIZ has built-in settings and permission management.

Permission roles include:

  • System admin
  • Global payroll admin
  • Local payroll admin
  • External admin
  • HR statistics
  • Approver role
  • User role

Settings management:

  • Default settings
  • GDPR setting
  • User settings

 

Password and Credential Storage

For password-based authentication, user passwords are encrypted using the protocol SHA.

 

Uptime

We have an uptime of 99.8% or higher. You can check our past month's stats at https://status.bitabiz.com/

Internal security

 

Training

All employees are informed of our security policy.

 

Policies

Our setup does not allow our staff to access business resources outside our implemented security policy.

 

Employee Vetting

BitaBIZ performs background checks on all new employees including employment verification and criminal checks for Danish employees.

 

Confidentiality

All employee contracts include:

  • a confidentiality agreement.
  • GDPR code of conduct policy.

 

Internal Permissions and Authentication

Access to customer data is limited to authorized employees who require it for their job.

BitaBIZ has a Single Sign-On (SSO) policy for all business resources. SSO is a requirement for implementing a business resource. We manage resource access from one central portal. Access to a resource is only granted if relevant for the job function. We monitor and log logins to company resources.

We have strong password policies.

 

Hardware

All employees have a company-paid PC and mobile secured with a company-managed firewall and security scan.

 

BitaBIZ Security Policy accompanies BitaBIZ terms & conditions (System2 25.05.2018).