Reejig's Work Ontology™ Awarded 2023 Top HR Tech Product of the Year

image

Security

Reejig has a steadfast commitment to safely retaining customer data and personal information. We have taken every measure possible to ensure customer data and personal information is secure and protected. Our team is driven by integrity and are diligent and dedicated to completing tasks while securely maintaining customer data and personal information.

Security statement

Reejig is committed to maintaining the trust of our customers. At the heart of this, is providing a robust compliance program that carefully considers data protection matters across our suite of services, including data submitted by customers to our services (‘Customer Data’). Reejig’s platform meets global standards for security and integrity, with verification from trusted third parties.

Data protection

Reejig employs several methods to ensure the maintenance of customer data and personal information, and to prevent unauthorized access:
image
Data segregation
Every customer’s data is stored separately and encrypted at rest.
image
Secure web application
The Reejig platform uses HTTPS by default, with all data encrypted in transit
image
Secure API
Reejig uses secure protocols to connect with customer systems using Transport Layer Security 1.2 for HTTPS encryption, which is authenticated by AES-256 bit encryption
image
Internal data encryption
In addition to encrypting API and web traffic, Reejig encrypts all internal traffic. All data at rest, from databases to file systems to caches, is encrypted using AES-256, managed through Amazon Web Services (AWS) Key Management Service.
Access control and provisioning

Reejig supports SAML-based provisioning Single Sign-On systems to leverage our customers authentication architecture and also has an internal permissions-based account system.

Automated security assessment

Reejig uses best-in-market third-party systems to automatically assess applications for exposure, vulnerabilities, and deviations from best practices.

Standard Occupational Classification (SOC)

Reejig is delivered on a cloud platform that is SOC 2 Type I and SOC 2 Type II certified by third-party auditors.

Data access

Access to customer data is only provided to select employees to troubleshoot in the event of a customer issue that needs to be resolved. Arbitrary access is prohibited, and every access is logged.

Physical security

Reejig does not store any data on-premises. We use the secure data cloud for all data storage and processing, which complies with rigid security requirements.

Incident response

To guard against incidents, Reejig has procedures in place to disallow external access to data at short notice. We also have strict logging in order to identify all access.

Penetration testing

Reejig conducts periodic third-party security assessments to verify security controls.