Independently audited compliance
We implement controls that are industry recognized and externally audited twice a year to verify their effectiveness and compliance to this standard
Certification across the whole platform
The scope of PageUp’s ISO 27001 ISMS is key. Many companies may just certify their homepage, or the HR Department. PageUp’s ISO 27001 Scope is across the entire Talent Management platform, plus the development and support of that platform, giving our clients peace of mind.
Secure data center and hosting environment
The environment that hosts the PageUp Unified Talent Management Platform maintains multiple certifications for its data centers, people and services. For more information about their certification and compliance status, please visit the AWS Security website and the AWS Compliance Programs website.
Asset risks are annually identified and assessed at a high (strategic) level to determine the common risks across the entire PageUp environment. This risk assessment is used to determine a set of common security controls to be applied across the organization. These security controls are defined in the PageUp information security policies. Risks in the asset risk register are reviewed on an annual basis and the set of common controls are modified as required.
Any new risks identified throughout the year are entered into a tactical risk register. These risks often relate to new systems, new threats or newly discovered vulnerabilities. These risks are reviewed at least quarterly with the Information Security Governance Committee (ISGC) to discuss progress or to agree that the risk has been either accepted or treated and can be closed.
Industry leading security features
Modern browser support
PageUp supports all modern browsers. No plugins, no software.
AWS Security Groups
Security groups set up on least privilege basis. Regularly and automatically reviewed for changes.
All connections to PageUp are sent over HTTPs using TLS (auto negotiate to highest, minimum TLS 1.1) on modern cipher suites.
Individual core DB per client. Hot/hot mirroring.
Single sign on
ADFS, OKTA, SAML, etc, whatever you use, we can implement SSO so setting new passwords is not required. Just use your work login for seamless login and ensure all passwords, timeouts etc match your internal policy requirements.
Strong physical and logical security controls around the hosting locations, trusted by the world’s biggest and most security conscious companies
High Availability Architecture
We regularly test and verify our disaster recovery plans with zero impact to clients, given our highly available, secure and elastically scalable infrastructure
Web Application Firewall
Industry Leading WAF, IDS, IPS, DDOS protection inspect and detect all requests to PageUp’s Talent Management Platform
Elastic load balancers
Strong security policies across our Elastic Load Balancers, only accepting traffic from our WAF
Meet our Information Security
Our ISGC is a cross functional team including but not limited to our; CEO, CFO, CIO, Chief Product Owner, SVP Global Talent, General Counsel, Internal Security Team, Product Development Manager, Head of Technical Account Management, I.T. Manager, Software Developers, Senior Product Owner and Technical Leads
The Information Security Governance Committee (ISGC) actively support security within PageUp through clear direction, demonstrated commitment, explicit assignment and familiarity with all areas of the business including:
- Provide security leadership and guidance
- Oversee security operations at PageUp
- Raise security awareness across PageUp
- Create, update and enforce Security Policies
- Evaluate security related feedback from the business
- Identify, log, manage and mitigate or close Security Risks
- Run the ISGC meetings which discuss risks, feedback, improvements, policy updates and audit results
Award winning talent management
World class organizations attract, retain and develop great
people with PageUp
See PageUp in action today
Find out how the world's leading organizations use PageUp to
make better HR decisions every day