Data Security

Vulnerability Testing

STAFFINGGO applications pass through rigorous application vulnerability assessments and risk identification tests, including:

• Cross Site Scripting (XSS)
• SQL Injection
• Secure Transport Layer Protection
• Blind XPATH Injection
• Cross Site Request Forgery (CSRF)
• Cache Poisoning

Role Based Access

Each role, user, or application administrator must log onto the application using a secure environment with their own valid, tightly-controlled credentials.

Server Communication

All data transfer between servers is done via TLS protocols, ensuring safety against wiretapping or Trojan attacks. Data is encrypted at rest on supported MYSQL installations.

Session Security

Token-based authentication ensures no session is persisted server-side. Credentials are exchanged against a stateless JWT token encrypted using FIPS-compliant RSA algorithms.

Audit Logs

We maintain meticulous audit logging that records all attempted or completed actions, including timestamps, origin networks, and authenticated user identities.

Database Backups

Our Business Continuity Plan (BCP) includes daily system backups to ensure your database is robustly secured and can be restored according to policy requirements.

Access Levels

We provide stringent, multi-layered security methods starting from the infrastructure level up to the user level, guaranteeing only authorized access to sensitive elements.

Policies & Personnel

Standard NDAs cover all employee activity. We also mandate comprehensive InfoSec awareness training on remote access, anti-virus protocols, and physical security measures.