Security / SAS-70
Leading firms where security is crucial to the continued success of their business have come to realize Payroll Maxx as the surest path to security excellence. That’s because our goal is three-fold: safeguard and protect your data at all times through the use of technology; insure that our facilities are secure at all times; and offer trouble-free and secure data access from a variety of environments. Security at Payroll Maxx has been engineered to address the most complex and most stringent demands required to safeguard your data.
Restricted Facility Access. Multiple layers of security protect all Payroll Maxx facilities. We uphold our security measures to rigorous standards. Proximity card entry, camera-recorded movement both internally and on the premises, as well as security controlled building access.
Restricted Data Center Access. Security controlled data center access insures that only properly trained IT professionals have access to where the data resides. Security is further controlled by enforcing strict card entry rules.
External Network Entry. Least privileged point of entry requires multiple layers of authentication. First, not only do we know who you are to gain entry as a remote user; but that we also know your computer network - and that you and your PC are registered within our network and validated and authenticated. Here, the least privileged model means that you cannot perform any other actions because you have the least amount of privileges. All remote users are required to pass through three additional layers of security to actually work within their data domain. Next, an "every time" inspection of your public IP address is conducted to ward off potentially malicious traffic attempts. Then we have a security certificate which is passed by our firewall after you are recognized as a valid user. Finally, we have critical user authentication and validation within our payroll software which allows you to access only your payroll data.
Internal Network Entry. We further incorporate security down to the field level for each and every user. Internally, we also incorporate a least privileged model so that each local Payroll Specialist only has access to the appropriate data that represents their client list. In addition, with that data access through additional layers of security, they have only the access to perform the exact functions necessary to process that payroll for that client.
Data Protection. Our advanced storage and backup services protect data from accidental loss and destruction. Payroll Maxx server data is encrypted at the data level. During data transport, the data passes through a 4-layer security process starting at the firewall, the anti-virus filter, the spam-filter and the spyware filter. If the data fails at any checkpoint, the transfer is stopped.
Off-Site Data Replication.Through multiple layers of encryption we run continuous off-site data replication to our “hot site' located on the East Coast. We are not backing up your data in this respect, but we are replicating your data. In the unlikely event of a natural or unplanned disaster, we could begin processing your payroll from our hot site within 30 minutes. Our data replication services are monitored 24x7 to ensure data integrity and protection. Locally, we also have in place a diesel generator with propane backup, tested weekly and inspected twice a year, in the event of a power failure.
Network Operations. All equipment is monitored 24x7 for errors, outages and potential failures at our environmentally controlled Network Operations Center (NOC). Monitoring our servers gives us the ability to ensure your data is always safe, secure and available. We have also incorporated a true-test environment so that software enhancements and server upgrades are performed and tested without interruption. We employ the latest quad core processor technology, and we have incorporated double redundant data servers that allow us to take full advantage of immediate fail-over in the unlikely event of a data server failure.
SAS-70 Type II Certification. Payroll Maxx has achieved third party validation under the Statement of Auditing Standards No. 70 Type II certification. SAS-70 is the authoritative guidance demonstrating that Payroll Maxx has undergone an independent in-depth audit, including testing of Payroll Maxx' control activities over its payroll services. The Sarbanes-Oxley Act makes SAS-70 reports even more important to the reporting on effective internal controls by public companies.
The redundant power, security, environment, and connectivity systems running the Payroll Maxx facilities work seamlessly to maintain 100% uptime. That's why we have earned the industry's highest rating for payroll excellence with SAS-70 Type II certification. And why we hope you will join a world of satisfied clients and consider the leader in Specialized Payroll Solutions For Your Specialized Needs - Payroll Maxx.