Discover our features

Want to know all the features available on PayFit? Here is a detailed list.

Security audits

  • Use of technology such as Sentry and AWS CloudTrail to provide an audit trail over its infrastructure and the PayFit application. Auditing makes it possible to perform ad-hoc security analysis, track changes made to the PayFit setup and audit access to every network layer.

  • Operation of a private bug bounty programme on HackerOne to identify and mitigate security threats. Access to this programme is by invitation only.

Hosting & network

  • Management of all hosting facilities directly by Amazon Web Services, according to ISO 27001.

  • All transmissions between client and server and to external systems are performed through end-to-end HTTPS encryption.

  • PayFit's network splits into subnetworks, each handling a specific function, both for performance and security enhancement.

  • Separation of testing and production environments.

  • Isolation of PayFit network from the Internet, with the exception of a single entry point (proxy). Each point inside the network follows strict firewall rules.

  • Protection of access to PayFit systems through AWS and Kubernetes rights management.

  • Access to data, by authorised staff members, is only allowed through a VPN protected by 2FA authentication.

  • Monitoring and logging of data transmission from IT systems that store or process personal data.

  • Synchronisation of all servers through an AWS NTP server.

Data

  • Data storage and backups situated in France.

  • Encryption of all stored data in transit and at rest, including any backup copies.

  • Data anonymisation or non-transmission to sub-processors.

  • Mandatory user authentication by email and password (controlled by a strict policy) with the option of two-factor authentication (2FA) via SMS token authentication.

  • Internally, data access, for authorised staff members, is only allowed through a VPN protected by 2FA authentication.

  • Data transmission through TLS/SSL only, with HSTS and perfect forward secrecy fully enabled. PayFit receives an "A" rating on SSL Labs' tests.

  • Access to customer data restricted to identified teams, with a proportional and justified reason to do so. Systematic logging of such access.

How does PayFit compare to an outsourced payroll solution?

PayFit combines the best of both worlds! You'll get the benefits of using a fully automated, cloud-based payroll software that allows you to easily and quickly run payroll in-house with dedicated support from our payroll experts.
