Security
Introduction
NextGen Workforce provides the leading solution for business-critical employee scheduling solutions. This on-demand service is used by thousands of business owners and corporations around the world.
Whether a company is large or small, it must ensure that the employee scheduling solution it deploys offers the highest level of security available. Secure employee scheduling is not merely a matter of ensuring that no one can intercept data in transit, it requires an all-encompassing solution that addresses every possible threat to data confidentiality and integrity. Today, a broad range of solutions exist to meet the needs of companies and individuals that must use web-based employee scheduling. Most, however, are either inherently insecure or involve cumbersome setup and maintenance issues. Small businesses and enterprise-level organizations alike need a solution that offers both highly secure tools and a low Total Cost of Ownership (TCO).
NextGen Workforce has implemented a comprehensive, multiple-layer security strategy so you can rest assured that your data remains safe and secure at all times. Based on industry-standard security mechanisms and best practices, NextGen Workforce provides controls at every level of data access, storage, and transfer. We will detail each layer of Clock Ware's seven-layer security strategy and explain how NextGen Workforce provides a low-cost, highly secure file sending solution to our customers.
Secure, Reliable Data Center Facilities
We follow industry-standard best practices to ensure the highest levels of security. NextGen Workforce uses Amazon Web Services (AWS) for services related to server hosting, physical and environmental protection, network management, and disk storage supporting the NextGen Workforce application. All of NextGen Workforce' data is hosted by AWS in the U.S. It uses its EC2, RDS and CloudWatch services, among others. Physical security and environmental controls ensure that access to hosted data is restricted to appropriate personnel. NextGen Workforce processes Personally Identifying Information (PII) in the U.S., and our Customer Service Agreement (CSA) only allows for covered employees who work and reside in the U.S. NextGen Workforce also has IT general computer controls around applications, systems, and security services provided to NextGen Workforce.
Network Access Control
NextGen Workforce implements network and ISP grade firewalls to provide IP filtering and intrusion detection protection. Every server in each NextGen Workforce data center is protected with a constantly updated, industry-leading firewall, which blocks all ports except HTTP and S-HTTP. Port using HTTP or HTTPS is dynamically opened and closed as required. In contrast, competing solutions using Secure FTP or Secure Shell (SSH) require permanently open ports in a firewall, allowing unfettered inbound network commands and leaving the network vulnerable to attack.
Every server in NextGen Workforce data centers is based on the Linux operating system, a secure operating system that is not commonly affected by viruses or malicious attacks. For additional security, NextGen Workforce conducts regular vulnerability scans of its internal network to proactively detect and prevent security threats.
User Authentication and Authorization
All NextGen Workforce users must register using a valid email address and password. These credentials are encrypted during transmission and storage using a one-way hash. NextGen Workforce also requires every registered user to authenticate his or her email address before the user is able to use the NextGen Workforce service, ensuring that the user has registered a valid email address. Passwords must be more than five and less than 16 characters in length.
When a user requests a password reset, NextGen Workforce verifies that the correct, authorized user is making the request by sending a notification to the requesting email address that requires a response.
Data Storage
All files stored on NextGen Workforce servers are encoded and stored using a scrambled name, which makes it impossible for a network intruder to identify the file by its original name or read the contents of the file.
Data Transmission
In the NextGen Workforce employee scheduling tools, user creates accounts at NextGen Workforce. Once account is created, an email is automatically generated to the account holder, who then must validate the account created with information sent in email. To ensure that data is not compromised, NextGen Workforce employs the Secure Socket Layer (SSL) protocol. In order to protect data integrity during employee scheduling, online payments, and user registration, NextGen Workforce implements highest industry-standard, 256-bit SSL/TLS encryption deployed.
Data Retention
NextGen Workforce automatically stores all files uploaded by a customer for 14 days, at which time the file automatically expires and is deleted. Customers also have the ability to customize the data retention policy to meet their specific requirements, setting file expiration time as short as 30 minutes or as long as ‘never expire’. In the event a user notices an unexpected or unauthorized download of a file, he or she can delete the file from NextGen Workforce servers.
All user files uploaded to NextGen Workforce servers are replicated on a second server within the same data center and stored on both servers for the life of the file. In the event of a server failure, the file will be retrieved from other server within the same data center. Server replication to ensure total redundancy is conducted on a daily basis.
Auditing
With NextGen Workforce comprehensive tracking tools, customers can create and check accounts of their employees, we maintain a log of who updated the information. This complete audit trail enables customers to ensure compliance with government regulations regarding the traceability of information privacy and accidental disclosure.
To further ensure the security of its customers’ information, NextGen Workforce undergoes quarterly perimeter security audits.
Conclusion
From physical and network access control to user authentication and authorization to data storage, transfer, and retention to monitoring and auditing, NextGen Workforce secures your information at every level of data access, storage, and transfer. With its comprehensive, multiple-layer security strategy, NextGen Workforce delivers the only secure, reliable digital content delivery service on the market, giving you peace of mind that your company’s confidential and private information always remains safe and secure. When you use the NextGen Workforce secure digital content delivery service, you can better comply with government regulatory requirements, protect your corporate brand and customer loyalty, and ensure the privacy of your intellectual property and other sensitive data.