Your data is secure: How Hurma System protects the personal details of our customers

Team Hurma

  • 14 min
  • 9536
  • 0

Automation of HR processes has long ceased to be just a trend and has become a necessity in any business. In fact, there are more than enough systems on the market. But do they all satisfy your needs? Some of them are too expensive, while others do not provide the functionality for all the necessary business processes. However, neither of these concerns are decisive in choosing a system. “How safe is it?” is the most frequently asked question from customers.

Therefore, we propose to discuss the security features of Hurma - the first Ukrainian HRIS-system for HR and recruiters, which provides all the necessary basic functionality for HR specialists. Today you’ll learn how we protect customer information in Hurma System.

External protection

Let’s take a closer look at how Hurma deals with data security requirements from a technical standpoint.

Data architecture

There are two main approaches to data architecture design in SaaS applications:

  • Multitenancy
  • Single Tenant

The first approach involves “multiple tenants,” where a single instance of an application running on a server serves many client organizations. It allows you to significantly save costs by storing all user data on one server in a single database. In other words, the companies that organize the data architecture using the multi-tenancy approach save on the most important thing — customer data safety. After all, it is enough to hack one server and the data of all clients is compromised. In addition to the low level of security, this approach negatively affects the performance of your recruiting or HRM system.

IT Svit company, the developer of Hurma System, has been successfully working for 15 years in the foreign IT markets with the USA, Japan, Germany, Israel, developing the application architecture and infrastructure for customers from these countries.

Taking into account our experience working with international corporations and data security standards like GDPR, we deliberately chose a more complex and expensive approach - Single Tenant SaaS infrastructure.

A secure private environment, a personal cloud server is created for each client. Data is stored in isolation from all other clients, which means its reliable protection. The system performance and workloads of different client infrastructures are not interconnected and do not affect each other. This way, data storage does not imply a single point of failure, which can disable the entire system or make data inaccessible.

In addition, it is worth noting the fact that customer data is stored only in encrypted form using RSA encryption. Thus said, we are proud to make sure Hurma System has client’s best interests in mind, making the client’s confidential information security the top priority of our operations.

Data hashing

Hurma System uses RSA data encryption, which is one of the world’s most trusted approaches to data storage security. All active sessions require authentication and are also protected from inception and other types of cyber-attacks. All customer data is stored in encrypted form in private cloud subnet located in France and Germany.

Thus said, none legal initiatives or political intrigues can affect the security and performance of your business. Such measures help IT Svit protect our customers’ data from attempts of illegal confiscation or persecution, which are quite frequent in the business world of post-USSR countries.

Support 

If our customers have questions regarding any aspects of using Hurma System features, they can get assistance from Support Hurma System. Highly-qualified technical support specialists will answer any customer’s question regarding Hurma System in under 10 minutes, and will help solve any challenge with our platform, doing it step-by-step over the phone or in online chat.

We also regularly collect customer’s feedback on desired system adjustments and add new system features based on customer’s requests and in accordance with our long-term product development strategy.

Uptime

Uptime is the guaranteed uninterrupted time of availability of any computing system or its component. Downtime — a period when the service is temporarily unavailable, mostly for technical reasons.

An ideal scenario is 100% uptime with no downtime, but this is nearly impossible to implement in real life. Some force-majeure situations or scheduled server maintenance can lead to service downtime on the hosting side. Thus said, 98% uptime and 2% downtime is the realistic best-case scenario for a SaaS. Hurma System uptime for a year after release is 99%, which means our platform is almost always available and operational.

Internal data protection

Hurma splits access rights by roles (RBAC)

Hurma was built with utmost attention to customer’s convenience and ease of use. Thus said, every customer can appoint different system roles to different employees. An administrator, for example, has full access rights and sees all system sections, can create, manage and delete users, moderate all data, etc., while users have much less control over the processes and can manage only the features relevant for them (issuing requests for 1:1 meetings, taking part in various polls, requesting sick leaves, days off, vacations, etc.)

What roles are available in Hurma?

  1. Administrator
  2. HR
  3. Recruiter
  4. Employee
  5. Company-wide manager
  6. Team manager (has rights inside a team)

They can have the following types of rights:

  • full access
  • full access to own events
  • view only
  • view only without HR sections

The data can be displayed or not in several ways:

  • not display
  • display recruiting-related events only
  • display user-related events only

In “Employees” section you can appoint a role and access rights to every new system profile:

Access right for “Employee” profiles

Hurma is a system for all company employees, but common users have access only to the information relevant to their tasks and responsibilities. They see the following menu sections:

  • Dashboard
  • Calendar
  • Tree
  • OKR
  • Vacancies (only viewing the open vacancies)
  • Profile

HR managers, however, have a moderator’s access to many more menu sections:

  • Vacancies
  • Candidates
  • Employees
  • Vacations and requests
  • Events
  • Templates
  • Statistics
  • Settings

“Settings” is where you configure the data display settings for every company employe:

Besides, all employees are grouped as the members of their respective teams in the “Company Tree”. HR manager or Administrator can configure the visibility of each group or individual group members. Public groups are visible to everyone and their members can see other public groups. Private groups are visible only to selected employees, and their members can view any group they have been given access to. This is very convenient for ensuring corporate data security, control over mentorship processes, corporate training and many other tasks.

Security is the main concern of all customers while selecting an HRM-system

Hurma System meets and exceeds security requirements in full. You no longer need to worry about correct configuration of “Access Settings” in your Google spreadsheet, or worry about data leakage when working with custom HRM systems. Partnership with Hurma System ensures the security of your information.
We would be glad to provide any additional information, submit your applications to https://hurma.work/ and we will be in touch shortly!

    HR Director duties
    The HR Director (HRD) is one of the key figures in any company. The work of the whole team depends on his professionalism. HR Director attracts new employees, engages in ...
    HURMA System Guide: a manual for employees
    HURMA is not only an All-in-One solution for HR and recruiters. Many developers, sales managers, lawyers, and accountants from 15 countries have already appreciated the HRM system. With the help ...
    Did you see a mistake? Press Ctrl + Enter

    Spelling error report

    The following text will be sent to our editors: