Productivity Monitoring To Grow Effective Teams!
We take the security and privacy of our customer’s data very seriously and the following measures are in place to provide you with peace of mind; knowing that we ensure the security and integrity of all collected data. We have gone above and beyond to ensure the infrastructure and apps that we bring you are secure and are rigorously, as well as consistently tested for any vulnerabilities.
Protecting Private Information
WorkStatz meets the criteria contained within the Protection of Personal Information Act (PoPI) which governs the right to privacy including the unlawful collection, retention, dissemination and use of personal information. WorkStatz only tracks active screen time during working hours, including time spent, the application name, file name or website name only.
We have no visibility into the actual contents within and therefore do not store that information on WorkStatz servers, meeting the requirements of PoPI to protect the private data of your employees. WorkStatz also does not process any credit card information or banking information of your employees, other than the names of employees provided by your company upon setup.
The data is encrypted using custom designed encryption algorithm and transmitted over a secure channel to our database. We use HTTPS, SSL/TLS channels to ensure data security and Multiple Certificates are used during data transit. The database is secured behind a firewall that only al lows access from our API through an encrypted channel. Our database has a strict replication and backup schedule to ensure data integrity, and the dashboard also makes use of SSL/TLS channels for data retrieval.
Network-level security consists of three main components:
- DDoS mitigation
- VLAN reverse path forwarding protection
- Juniper firewall rules at the network edge and core
Reverse path forwarding protection is enabled for all VLANs in our data centres. This policy ensures that only the subnets allocated to a VLAN can generate traffic for that VLAN. This helps to mitigate two kinds of malicious traffic:
- Source-spoofed traffic where a host is sending out traffic for subnets that do not belong to the VLAN.
- Inter-VLAN subnet spoofing, where a host in one VLAN uses IP addresses from another VLAN using source-spoofing.
Firewall rules on the data centre network edge and at the core are used to protect the network in a number of ways:
- Rate-limiting of certain protocols to protect the network infrastructure.
- Blocking of certain protocols and destination IP addresses to protect our operational systems.
- Restricting access to certain hosts and protocols to defined lists of source addresses.
- Blocking of abusive IP addresses and hosts.