Ultimate Software: Committed to Protecting Your Organization’s Data
Data protection and security are always major concerns when considering a cloud human capital management (HCM) solution—especially when it comes to your company’s sensitive HR data. With UltiPro®, you can enjoy peace of mind knowing that industry best practices are followed.
Ultimate Software is committed to protecting your organization’s data from security threats, whether internal or external. We were the first HR/payroll SaaS vendor to be ISO certified, ISO/IEC 27001—the most widely recognized information security standard in the world. The in-depth auditing process required for ISO certification includes a systematic examination of risks and vulnerabilities and a comprehensive plan of information security controls. Management at an organization seeking this certification must adopt an overarching process to keep these controls up-to-date and continuously improving.
Ultimate’s data centers are secure, hardened facilities equipped with the most advanced technologies. Security features include:
- World-class data protection and encryption for sensitive workforce data
- Built-in solution and database protection designed to prevent unauthorized access to information, including layers of redundancy, encryption, network and web firewalls, intrusion detection, and user authentication
- Full-time security management personnel, many accredited as Certified Information Systems Security Professionals (CISSP)—CISSP indicates rigorous industry testing and signifies a more elevated skill set in information security and related best practices
- Proactive business continuity planning and protection strategy with geographically dispersed centers that have fully redundant power subsystems and protection against fires, natural disasters, power outages, sabotage, and theft
- Nightly backup of customers’ data sent to an alternate Ultimate facility
- Continuous, automatic monitoring for viruses to ensure privacy and data integrity
In addition, Ultimate’s SaaS model is SOC1 Type II audited to ensure it meets stringent criteria for security and reliability.