Security
We Keep Your Data Safe
Introduction
NextGen Workforce provides the leading solution for business-critical employee scheduling solutions. This on-demand service is used by thousands of business owners and corporations worldwide.
Whether a company is large or small, it must ensure that the employee scheduling solution it deploys offers the highest level of security available. Secure employee scheduling is not merely ensuring that no one can intercept data in transit. It requires an all-encompassing solution that addresses every possible threat to data confidentiality and integrity. Today, a broad range of solutions exist to meet the needs of companies and individuals that must use web-based employee scheduling. Most are either inherently insecure or involve cumbersome setup and maintenance issues. Small and enterprise-level organizations need a solution that offers highly secure tools and a low Total Cost of Ownership (TCO).
NextGen Workforce has implemented a comprehensive, multiple-layer security strategy so you can rest assured that your data remains safe and secure at all times. Based on industry-standard security mechanisms and best practices, NextGen Workforce provides controls at every level of data access, storage, and transfer. We will detail each layer of NextGen’s seven-layer security strategy and explain how NextGen Workforce provides a low-cost, highly secure file sending solution to our customers.
Secure, Reliable Data Center Facilities
We follow industry-standard best practices to ensure the highest levels of security. NextGen Workforce uses Amazon Web Services (AWS) for services related to server hosting, physical and environmental protection, network management, and disk storage supporting the NextGen Workforce application. All of NextGen’s servers are located on the AWS Cloud in N.Virginia (us-east-1), USA, and it is monitored 24/7 to ensure that the servers are always safe and your data always available. The data center compiles with most industry certificates, including ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3, HITRUST, PCI, FedRAMP, FERPA, etc. It uses its EC2, RDS, and CloudWatch services, among others. Physical security and environmental controls ensure that access to hosted data is restricted to appropriate personnel. NextGen Workforce processes Personally-Identifying Information (PII) in the US., Our Customer Service Agreement (CSA) only allows for covered employees who work and reside in the US. NextGen Workforce also has IT general computer controls around applications, systems, and security services provided to NextGen Workforce.
Network Access Control
NextGen Workforce implements network and ISP-grade firewalls to provide IP filtering and intrusion detection protection. Every server in each NextGen Workforce data center is protected with a constantly updated, industry-leading firewall, which blocks all ports except HTTP and S-HTTP. Port using HTTP or HTTPS is dynamically opened and closed as required. In contrast, competing solutions using Secure FTP or Secure Shell (SSH) require permanently open ports in a firewall, allowing unfettered inbound network commands and leaving the network vulnerable to attack.
Every server in NextGen Workforce data centers is based on the Linux operating system, a secure operating system that is not commonly affected by viruses or malicious attacks. For additional security, NextGen Workforce conducts regular vulnerability scans of its internal network to detect and prevent security threats proactively. We provide HTTPS (TLS 1.2 with 256bit encryption) encrypted connection between client devices and our application.
User Authentication and Authorization
All NextGen Workforce users must register using a valid email address and password. These credentials are encrypted during transmission and storage using a one-way hash. NextGen Workforce also requires every registered user to authenticate their email address before using the NextGen Workforce service, ensuring that the user has registered a valid email address. Passwords must be more than five and less than 16 characters in length.
When a user requests a password reset, NextGen Workforce verifies that the correct, authorized user is requesting by sending a notification to the email address that requires a response.
Data Storage
All files stored on NextGen Workforce servers are encoded and stored using a scrambled name, making it impossible for a network intruder to identify the file by its original name or read its contents.
Data Transmission
In the NextGen Workforce employee scheduling tools, the user creates accounts at NextGen Workforce. Once the account is created, an email is automatically generated to the account holder, who must validate the account created with the information sent in the email. NextGen Workforce employs the Secure Socket Layer (SSL) protocol. To protect data integrity during employee scheduling, online payments, and user registration, NextGen Workforce implements the highest industry-standard, 256-bit SSL/TLS encryption deployed.
Data Retention
NextGen Workforce automatically stores all files uploaded by a customer for 14 days when the file expires and is deleted. Customers also can customize the data retention policy to meet their specific requirements, setting file expiration times as short as 30 minutes or as long as ‘never expire.’ If a user notices an unexpected or unauthorized download of a file, they can delete it from NextGen Workforce servers.
All user files uploaded to NextGen Workforce servers are replicated on a second server within the same data center and stored on both servers for the life of the file. In the event of a server failure, the file will be retrieved from other servers within the same data center. Server replication to ensure total redundancy is conducted daily.
Auditing
With NextGen Workforce’s comprehensive tracking tools, customers can create and check their employees’ accounts, and we maintain a log of who updated the information. This complete audit trail enables customers to comply with government regulations regarding the traceability of information privacy and accidental disclosure. NextGen Workforce undergoes quarterly perimeter security audits to further ensure its customers’ information security.
HIPAA Compliance
The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA, Title II) require the service provider to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. It also addresses the security and privacy of health data. NextGen and its staff shall treat all PHI as confidential information and only access the minimum necessary to perform their job functions. PHI shall not be used or disclosed in any way other than as indicated in the business associate agreements as agreed to by NextGen
To comply with the HIPAA Security Rule, NextGen Workforce Solution Ensure
The confidentiality, integrity, and availability of all electronically protected health information.
Detect and safeguard against anticipated threats to the security of the information.
Protect against anticipated impermissible uses or disclosures.
Certify compliance by their workforce.
GPS Tracking Compliance
Employee GPS Tracking Applications have the capability to monitor employees’ whereabouts through GPS tracking on vehicles and mobile devices. But there could be legal ramifications for doing so. as the data recorded or transmitted by GPS tracking applications should not be accessed by anyone other than the Employer or Employee.
Getting your team’s consent to track them protects you against potential legal issues and streamlines the process of creating a good GPS tracking policy.NextGen Workforce Ensures to
Have a lawful basis for processing employees’ personal data
Be transparent about how and why the data is being processed
Avoid using it in a way that would be detrimental to employees
Biometric Compliance
NextGen Workforce Biometric Data collection policy abides with the state-law compliances about the collection, storage, and use of biometric information. It ensures user consent and obligations when dealing with biometric data It also ensures that
Employees should be informed and consent before collecting biometric data.
Biometric data shouldn’t be used for personal profits
Protection and retention of the data according to the statute.
Refrain from selling, leasing, or disclosing biometric information without consent
Storing and protecting identifying information from disclosure
Conclusion
From physical and network access control to user authentication and authorization to data storage, transfer, and retention to monitoring and auditing, NextGen Workforce secures your information at every data access, storage, and transfer level. With its comprehensive, multiple-layer security strategy, NextGen Workforce delivers the only secure, reliable digital content delivery service on the market, giving you peace of mind that your company’s confidential and private information always remains safe and secure. When you use the NextGen Workforce fast digital content delivery service, you can better comply with government regulatory requirements, protect your corporate brand and customer loyalty, and ensure the privacy of your intellectual property and other sensitive data.