2024 in Review—Sneak Peek at 2025

Security

We recognize that security is critical to you and your success. This is a responsibility we take seriously, and we work with security researchers to stay up to date with the most recent practices in web security.

While we cannot reveal every measure we have in place (as this could be used against us by the very actors we protect ourselves against), we can give you a high-level overview of how we actively keep you and your data safe.

Cloud Infrastructure

TalentHR is exclusively hosted on Amazon Web Services (AWS). AWS is recognized for data centers that are built to withstand all types of threats and are certified for high quality and security.

  • We use storage infrastructure designed for mission-critical and primary data storage. And AWS guarantees reliable data storage.
  • We take backups that are stored on multiple devices across multiple facilities in multiple availability zones. Daily backups ensure we can restore your data in case of failure or accidental deletion.
  • All files that you upload are stored on servers that use the latest techniques to remove bottlenecks and points of failure.
  • We use different storage for user and application data. These servers are not exposed anywhere but the internal network, which is isolated from the internet.
  • We use load balancers to ensure TalentHR is online even with high traffic. Load balancers distribute requests to multiple servers, and this ensures that TalentHR can withstand attacks like DDoS.
  • All TalentHR data are encrypted with AES-256. This is the same level of encryption the US government uses for Top Secret information.

Application Security

To keep our users and their data safe, we continually and carefully monitor, fix and prevent any security vulnerabilities.

  • TalentHR runs behind a firewall and is updated regularly with the latest security patches.
  • TalentHR software stack is modern and secure.
  • We use automated tools to review and automatically scan TalentHR for well-known vulnerabilities.
  • All information passed back and forth between our server and your computer is encrypted (SSL/TLS 1.2). This means if anyone were to “listen in” and try to get to this data, they wouldn’t be able to read or decrypt it.
  • Your passwords are stored, hashed and salted in encrypted servers, which means TalentHR staff don’t know or have access to your password.
  • We use in-depth monitoring services to visualize performance, detect irregular activity patterns, and ensure that our entire infrastructure is functioning as it should. This leads to excellent service performance and uptime.
  • In addition to security offered by Amazon Web Services, we also run an Intrusion Detection and Prevention System.

Internal Security

At TalentHR, we promote a culture of security, so all our employees understand its importance. Before hiring, we conduct background checks.

  • All employees sign confidentiality agreements.
  • All employees are trained in security and privacy, including best security practices, information on new threats and vulnerabilities, as well as privacy and legal/regulatory issues.
  • We never download customer data on our premises.
  • We have dedicated specialized teams that monitor the regulatory and legal requirements continually, as well as enforce privacy and security requirements.
  • We are insured against cybersecurity incidents.

Backup and Recovery

Our MySQL database backups (dumps) are retained for a period of one year, providing long-term data security and historical reference. In addition, we maintain daily snapshots of our database hosts for 30 days, facilitating rapid and easy recovery in the event of emergencies. This dual-layer approach ensures that our data can be swiftly restored and minimizes downtime.

Billing Information Protection

  • Your card information is transmitted, stored, and processed securely through Stripe, where all transactions are processed using secure encryption – the same level of encryption used by leading banks.
  • We do not keep credit card information on our infrastructure in any way.