Skip to main content

HirePOS Data Management and Security

HirePOS Guides14. Tips, Tricks and FAQsData Compliance

HirePOS Data Management and Security

Security Mechanisms and Approach

Security Approach

Innercircle Technology Pty Ltd is committed to following industry best practices for the privacy and security of your business data. Your data is stored securely using Microsoft Azure cloud infrastructure in Microsoft data centres located in Australia.

Microsoft Defender for Cloud

We use Microsoft Defender for Cloud, which notifies us of security alerts and provides advanced threat protection for all our Azure resources. This includes SQL databases, containers, web applications, and virtual networks. Microsoft Defender for Cloud detects unusual access attempts and malware uploads, providing comprehensive defences for the compute, data, and service layers of our cloud environment. Weekly Vulnerability Assessment scans notify us of any potential vulnerabilities.

Firewalls

Our Azure SQL Servers are protected by firewall rules that only allow network traffic from the HirePOS web applications hosted within the same data centre. Data modification is possible only through direct user actions with HirePOS applications.

Regulatory Compliance

All Innercircle Technology Pty Ltd (HirePOS) resources hosted in the Microsoft Azure cloud infrastructure are evaluated by Microsoft Defender for Cloud against several regulatory standards.
The compliance of the infrastructure that HirePOS runs on is continuously monitored and maintained. The standards measured include PCI DSS 3.2.1, ISO 27001, and SOC TSP.

Data Storage and Encryption

Data Encryption (in transit and at rest)

Your information is converted into unrecognizable code (ciphertext) using industry-standard data encryption, both in transit and at rest. This protects your personal and financial data. In transit, all data is encrypted with TLS/SSL (HTTPS).

Databases and Data Segregation

HirePOS data is stored in a separate Azure SQL Database for each client subscription, hosted by Microsoft in the Australia East location using the Azure cloud infrastructure. Each subscription is stored in its own discrete SQL database instance, ensuring data segregation, and integrity. Azure SQL Database offers 99.99% availability and is always running on the latest stable version of the SQL Server database engine with a patched OS.

 Backups

To protect your business from data loss and aid in disaster recovery, HirePOS Databases are backed up in several ways over several intervals:

-          Full backups - weekly

-          Differential backups - every 12-24 hours

-          Transaction log backups - every 5 to 10 minutes.

Backup data is stored in geo-redundant (RA-GRS) storage blobs replicated to a paired data center region (Australia Southeast), protecting against outages in the primary region (Australia East) and enabling disaster recovery. Azure SQL Database retains sufficient backups for point-in-time restore (PITR) within the last 7 days.

Disaster Recovery

Data is stored in geo-redundant storage blobs primarily in the Australia East region, replicated to the paired Australia Southeast region. Redundancy mechanisms protect against planned and unplanned events, including hardware failure, network or power outages, or natural disasters. If your hardware device is lost, stolen, or broken, your account is backed up and protected online in the cloud, enabling access from any device with an internet connection.

In summary, your data is secured, within tight controls, and confined to the HirePOS ecosystem, making it virtually indestructible, even in the event of a natural disaster or other catastrophic event impacting an entire Australian state.

 

Users and Data Access

User Authentication

We support and prefer the use of Microsoft Single Sign-On (MS SSO) for enhanced security. MS SSO enables multifactor authentication and other additional protections for user accounts. Organizations can control security requirements and access for user accounts through Microsoft Identities, allowing them to disable user access to HirePOS Central from their Active Directory.

Once SSO is used to access a HirePOS account, it becomes the only login method for that user, disabling the traditional username/password method. Organizations can enforce this from the start to prevent username/password logins altogether, ensuring the use of SSO/Microsoft Identity.

Google Single Sign-On is also available and adds extra layers of security. All users and admins are encouraged to register for multifactor authentication (MFA) through their Microsoft or Google accounts.

HirePOS enforces high-strength passwords, requiring a minimum of 12 characters and at least 3 of the following 4 elements: uppercase character, lowercase character, number and special character.

 

User Behaviour and Practices

While we implement robust security measures, user practices significantly impact data security. HirePOS users are expected to:

-          Use multi-factor authentication available for all accounts via Microsoft and Google.

-          Create strong, secret passwords that are not shared or revealed.

-          Maintain up-to-date malware protection and operating systems.

-          Avoid allowing shared or public web browsers to remember password.

Data Access

Your data security is paramount. No one has access to your organization’s data unless you request it. If you need help with a feature in HirePOS, you can allow one of our team members to view your data with your permission.

For example, our support team typically access your data via remote access to your computer whilst on a call with you. This means interactions with your data are performed under your supervision and control.

Service Reliability

The uptime of HirePOS v5 Cloud relies on the Microsoft Azure infrastructure, known for its reliability and resilience with a typical uptime of 99.9%. However, no system guarantees 100% uptime. We recommend having a backup plan for unexpected outages, such as switching to a 4G wireless network if your NBN wired network is unavailable.

We do not provide a formal SLA but adhere to best practices to reduce downtime risk.

-          HirePOS v5 web application runs on a premium service plan with a minimum of three app server instances at all times.

-          HirePOS updates progress though several stages of testing and release before being deployed to the broader HirePOS user base.

o   Clients can test new features on a beta site before they are moved to live production.

o   Should an update create a significant issue, we can revert to the previous state within less than a minute.