Fingercheck is committed to you (and your employees) Data Security

You already know that Fingercheck is your one-stop all-in-one cloud-based solution for HR, Payroll, and Time & Attendance tracking. But with all of the sensitive personal information that transmits in and out of a platform such as this begs another question: How secure is my data with Fingercheck?

You’ll be glad to know that Fingercheck always strives to maintain absolute security over your data. Here’s a look how!

TWO-FACTOR AUTHENTICATION (2FA)

Fingercheck provides all users the option of securing their account using Two-Factor Authentication. Two-Factor Authentication helps by requiring a user to enter a randomly generated code that comes to them via secure email when logging in to the platform, along with their account password. This protects the user by adding another layer of identity confirmation, in the unfortunate case of a user’s password or username falling into the wrong hands.

OWNERSHIP OF DATA

In order for us to provide some of our services, we need to be able to access your company’s payroll and HR-related records, as well as accounts from other third-party institutions.

Know that you can stop using Fingercheck at any time for any reason. Upon written request, we can disable any access to all company data, and all employee data within our records. Should you need it, your data can be made temporarily available again by written request.

AUDIT LOGGING

All changes to data within Fingercheck are logged to assist with any necessary troubleshooting or investigations. These audit trails are readily accessible to all administrative users directly within the interface.

EMPLOYEE ACCESS

Fingercheck’s HR policies limit access to your and your employees’ personal information strictly to trusted employees that have a reason to know that information. We implement security practices and procedures designed to protect the confidentiality and security of such information and prohibit unlawful disclosure.

Further, Fingercheck employees directly responsible for providing customer support are all required to pass preliminary employment background checks and go through extensive training on policies and practices within established compliance guidelines.

DATA BREACH HANDLING & WORKSTATION SECURITY

If any theft, data breach or exposure containing any protected or sensitive resources are identified, we immediately begin a process of removing all access to the resource(s) in accordance with standard theft/breach/exposure procedures.

Ensuring the confidentiality, integrity and availability of sensitive information, and access to sensitive information is restricted to authorized users only, which comprises Fingercheck staff, and any other approved users, which must be granted access by the account holder.

All workstations are subject to various physical and technical safeguards in order to protect any data that can be accessed.

VULNERABILITY HANDLING

Fingercheck has partnered with Bugcrowd, a cybersecurity company that works to reduce risk in the form of UI vulnerabilities by a combination of vulnerability scanners, penetration tests, bug hunters, and much more. This all contributes to a dependable and reliable web-based platform, well-secured from threats which could compromise data integrity.

WEB APPLICATION PATCHES & UPDATES

All patches and updates are subject to full procedural assessments once prior to their approval and again prior to their release into the live environment, after which they are bound to all other policy requirements.

TECHNOLOGY

Fingercheck runs on Amazon Web Services, or “AWS”, an industry-standard provider of infrastructure for cloud-based applications. AWS is specifically designed to meet the requirements of some of the most security-sensitive organizations out there, protecting all of yours and every other Fingercheck user’s data from outside threats.

DATA CENTERS

Fingercheck utilizes highly secured and certified data centers managed by Amazon. Amazon is a trusted and globally recognized leader in the operation and maintenance of cloud-based data centers.

The AWS infrastructure puts strong safeguards in place to help protect your privacy. All data is stored in highly secure AWS data centers that also implement dozens of compliance programs in its infrastructure to ensure the highest standards of data security.

Amazon’s data center operations have been accredited under:

ISO 9001, 27001, 27017, and 27018
SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
PCI DSS Level 1
FISMA Moderate
DIACAP
FedRAMP

Data is transmitted to and from Fingercheck using 256-bit SSL encryption- the same type of encryption used in most banks. In addition, Fingercheck secures user sessions with an expiring access token, and makes available audit trails for all user behavior, so if someone changes something, you can find out about it!

ADDITIONAL INFORMATION

Fingercheck, LLC. is located at:
1000 Gates Ave.
Brooklyn, NY  11221