Internal Communications Leader theEMPLOYEEapp Strengthens Security Controls to Protect Employee Data
theEMPLOYEEapp, provider of customized mobile applications for internal communications, has further augmented its security controls to protect sensitive corporate information and private employee data. theEMPLOYEEapp received a score of 100—the highest possible score—based on its recent Veracode vulnerability testing. The mobile app platform has also achieved its SOC 2 Type II certification and Cyber Essentials Plus accreditation in the United Kingdom (U.K.).
“Internal communicators and human resources teams need intuitive technology tools that enable information sharing with all employees, including those who don’t sit at a desk or have a company email address,” said Doug Pierce, COO at theEMPLOYEEapp. “However, mobile apps must also meet the approval of IT security teams, who often make the final decision on which business applications comply with internal and external security policies. By taking the proactive steps to ensure that our mobile app is as secure as possible, theEMPLOYEEapp helps lighten the load for IT while giving communicators the ease-of-use they need to keep their workforce connected, informed, and engaged.”
theEMPLOYEEapp conducts annual vulnerability testing through Veracode. The testing identifies any security weaknesses that cybercriminals could exploit to steal sensitive data belonging to companies and their employees. Veracode’s Security Quality Score is a single score from 0 to 100, where a score of 100 is an application with no detectable security flaws.
In addition to vulnerability testing from Veracode, theEMPLOYEEapp takes these additional security measures:
1. SOC 2 Type II Compliance: Demonstrates the security of theEMPLOYEEapp’s internal controls, security policies, and procedures to keep customer data safe
2. Single-Sign-On: Support for Microsoft Azure AD OAuth, Microsoft ADFS OAuth V3 and V4, Okta OAuth, and Okta SAML, ensuring a safe user experience
3. REST API: Providing the ability to safely integrate content from customers’ existing corporate intranets, SharePoint instances, and other internal legacy systems into the mobile app
4. Encryption: Customer data is encrypted in transit and at rest using industry standards to further protect data shared across the app
5. Cyber Essentials Plus Accreditation: Ensuring that U.K. customers have chosen a trustworthy technology partner that passed all aspects of the cybersecurity testing and evaluation by the Cyber Essentials standards body
HR Technology News: What To Keep In Mind When Selecting A Field Workforce Management Platform