Security

Customer trust and data security are critical to everything we do at Hirize.

Product Security

SSO & 2FA

SAML Single Sign-on (SSO) allows you to authenticate users in your own systems without requiring them to enter additional login credentials. If you’re using password-based authentication, you can turn on 2-factor authentication (2FA). More details on our docs.

Permissions

We enable permission levels within the app to be set for your teammates. Permissions can be set to include app settings, billing, user data or the ability to send or edit messages.

Password and Credential Storage

Hirize enforces a password complexity standard and credentials are stored using a PBKDF function (bcrypt).

Network and application security

Regional Data Hosting and Storage

Hirize services and data are hosted in Amazon Web Services (AWS) facilities in the N. California (us-west-1) and Frankfurt (eu-central-1).

Failover and DR

Hirize was built with disaster recovery in mind. All of our infrastructure and data are spread across 2 AWS availability zones and will continue to work should any one of those data centers fail.

Virtual Private Cloud

All of our servers are within our virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests from getting to our internal network.

Back Ups and Monitoring

On an application level, we produce audit logs for all activity, ship logs to Graylog for analysis and use S3 for archival purposes. All actions taken on production consoles or in the Hirize application are logged.

Permissions and Authentication

Access to customer data is limited to authorized employees who require it for their job. Intercom is served 100% over https. Hirize runs a zero-trust corporate network. There are no corporate resources or additional privileges from being on Hirize’s network. We have SAML Single Sign-on (SSO), 2-factor authentication (2FA), and strong password policies on GitHub, Google and AWS to protect access to cloud services.

Encryption

All data sent to or from Hirize is encrypted in transit using 256 bit encryption. Our API and application endpoints are TLS/SSL only and score an “A+” rating on Qualys SSL Labs‘ tests. This means we only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled. We also encrypt data at rest using an industry-standard AES-256 encryption algorithm.

Incident Response

Hirize implements a protocol for handling security events which includes escalation procedures, rapid mitigation and post-mortem. All employees are informed of our policies.

Additional Security features

Training

All employees complete Security and Awareness training annually.

Policies

Hirize has developed a comprehensive set of security policies covering a range of topics. These policies are updated frequently and shared with all employees.

Employee Vetting

Hirize performs background checks on all new employees in accordance with local laws. The background check includes employment verification and criminal checks for US employees.

Confidentiality

All employee contracts include a confidentiality agreement.

PCI Obligations

All payments made to Hirize go through our partner, Stripe. Details about their security setup and PCI compliance can be found on Stripe’s security page.