SECURITY

Keep your employee data safe

The security of your data is our top priority. Here are our methods of storing HR data

Security measures

Backups

We have safe backups of all our systems and data. We’re keeping them in the separate safe location. Backups are tested periodically.

Data separation

Each client has its own database for 100% data separation.

High availability

Calamari is designed to ensure high availability. Every layer of the stack is equipped with mechanisms to ensure 24/7 availability.

Auditability

We’re fully auditable. We’re gathering all the events from our systems. All the logs are encrypted, protected from modification and kept in the separate safe location.

Code review

Our product is developed in accordance with best software development practices. We conduct code reviews for every change to our systems.

Patching

We have a software and system update process and we’re using AWS automatic software vulnerability management tools to achieve it.

Regular pen tests

We’re running periodical vulnerability scans and pen tests.

Data encryption

Data encryption at rest and in transit.

Access management

We have a working access management process with periodical access audits and reports.

Secured data transfer

All connections between our web/mobile application and backend services are secured by HTTPS/SSL certificates. We are using SSL 256-bit, one of the strongest encryption algorithms.

Compliance

We’re a cloud base company compliant with AWS Well Architected Framework. All our software and systems are compliant with the industry best practices and standards. Calamari apps are hosted in the most secure commercial data centers – Amazon Web Services. Our hosting provider is certified with ISO 27001, SOC 2, SOC 3, and more (https://aws.amazon.com/compliance/). We are GDPR compliant. We’re preparing for ISO 27001 certification this year.

Security Monitoring

We have a host intrusion detection system in place and we’re using native AWS security auditing tools (AWS Config, Cloud Trail, Security Hub, AWS Inspector etc.) We have incident response and incident management process in place. We’re using MFA for all the systems that we’re using.

Permissions & Authorisation

Calamari users within an organization are assigned permissions that determine their access
to information. As a result every user can be assured of confidentiality. Account roles are:

  • icon Administrator
  • icon Company manager
  • icon Team manager
  • icon Direct manager
  • icon Employee

Find out more information in our Help Center

Make HR simple

Try Calamari for 14 days for free and see yourself how to keep employee data safe.

  • Easy & quick setup
  • No tech skills needed
  • Support from 1 day

No card required. Trial ends automatically.

  • Easy & quick setup
  • No tech skills needed
  • Support from 1 day