Steps to take to mitigate risk of payroll cyber attacks

This is a text post that reads: 'Safeguard your confidential information from cyber attacks'.

With the recent cyber attack on Frontier Software, we are aware that there may be concerns over data security and protection in payroll software.

We at KeyPay understand that sensitive employee and payroll information must be protected, and we take measures to do so. 

KeyPay is ISO/IEC 27001:2013 certified

What does this mean? ISO/IEC 27001 is a security standard that outlines and provides the requirements for an information security management system (ISMS). It specifies a set of best practices and details a list of security controls concerning the management of information risks.

We maintain certification through extensive audits of controls to ensure that information security risks that affect the confidentiality, integrity, and availability of company and customer information, are appropriately managed.

Here is a copy of our ISO 27001 certificate.

Disaster recovery processes

At KeyPay, we ensure we have processes and checks in place to safeguard us from attacks. However, no system is foolproof. As part of our ISO certification and obligations, KeyPay has disaster recovery procedures in place to respond quickly to potential attacks. We carry out regular drills to maintain these processes. Please be aware that these procedures are confidential to ensure success.

Data hosting

Our customers’ data is hosted on Amazon Web Services (AWS). All data is hosted in the AWS Asia Pacific (Sydney) region and is PCI compliant. You can find out more here.

Data is transferred using 256bit SSL encryption and all sensitive data is encrypted on disk.

Does KeyPay support HTTPS?

All data transferred via the payroll platform is done so via HTTPS. No data is transferred via HTTP.

How often is data backed up in KeyPay?

Full backups are carried out daily and transaction logs every 15 minutes.

Are backups recovered and verified and if so, how often?

Our backups are verified and tested on a weekly basis.

What personal information is stored and how is it used?

Please refer to our privacy policy.

Cybersecurity awareness

Human beings are still the weakest link in any organisation’s digital security system. People make mistakes, forget things, or fall for fraudulent practices. That’s where cybersecurity awareness comes in and is extremely important.

This involves the process of educating employees on the different cybersecurity risks and threats out there, as well as potential weak spots. Employees must learn the best practices and procedures for keeping networks and data secure and the consequences of not doing so. These consequences may include losing one’s job, criminal penalties, or even irreparable harm to the company.

By making employees aware of the scope of the threats and what’s at stake if security fails, cybersecurity specialists can shore up this potential vulnerability.

What other steps can you take to keep payroll secure?

  • Use a password manager such as 1Password to keep passwords secure and protected.
  • Do not share your password with anyone. Ensure you use different passwords for different applications - and make sure they are strong. Password managers can help to confirm this.
  • Limit user access - KeyPay full access users can grant restricted access to other users in order to protect potentially sensitive data. Find out more here: AU | UK | NZ | SG | MY
  • Enable Two-factor authentication on your payroll account, to provide an additional layer of security and make it harder for attackers to gain access. Find out more about how to manage this in KeyPay: AU | UK | NZ | SG | MY
  • Enable Two-factor authentication on your email account. Email is a very common attack vector. The more channels you strengthen security on, the less risk of being vulnerable to a cyber attack.

If you have any questions or concerns, don’t hesitate to reach out to support@keypay.com.

Kate Brown

Marketing Manager at KeyPay

You might also like...

This is a photo of a woman holding up a sign that says "WOMEN". There is a KeyPay logo in the top left corner.
March 8, 2022

The importance of gender diversity and equality in the workplace

International Women’s Day is celebrated annually on 8 March, but we at KeyPay believe that gender equality and diversity should be a year-round focus.
Industry Insights
Image of girl wearing mask placing a 'Closed' sign in a shop window.
February 21, 2022

Small Business Support Program: Payroll support to businesses affected by Omicron

The Small Business Support Program is designed to help support small to medium businesses that suffered during the Omicron outbreak.
Industry Insights
This is a text post from KeyPay. There are presents and love hearts in a photo on the right hand side. There is text on the left hand side that says: fall in love with your payroll software.
February 14, 2022

Valentine’s Day with KeyPay: Why you’ll fall in love with our payroll software

Celebrate Valentine's Day with KeyPay, to find out why we (and our clients) love our payroll and employee management software.
Product
Automation illustration

Not using KeyPay yet?

Try it free for 30 days

Learn more