Security

Reejig™ has a steadfast commitment to safely retaining customer data and personal information.

 

We have taken every measure possible to ensure customer data and personal information is secure and protected. Our team is driven by integrity, and are diligent and dedicated to completing tasks while securely maintaining customer data and personal information.

Dots spacer

Security Statement

Reejig™ is committed to maintaining the trust of our customers. At the heart of this, is providing a robust compliance program that carefully considers data protection matters across our suite of services, including data submitted by customers to our services (‘Customer Data’).

 

Reejig’s™ Talent Intelligence Platform meets global standards for security and integrity, with verification from trusted third parties.

Standard Occupational Classification (SOC)

Reejig™ is delivered on a cloud platform that is SOC 2 Type I and SOC 2 Type II certified by third-party auditors.

Data protection

Reejig™ employs several methods to ensure the maintenance of customer data and personal information, and to prevent unauthorised access.

Data segregation:

Every customer’s data is stored separately and encrypted at rest.

Secure API:

Reejig™ uses secure protocols to connect with customer systems using Transport Layer Security 1.2 for HTTPS encryption, which is authenticated by AES-256 bit encryption.

Secure web application:

The Reejig™ platform uses HTTPS by default, with all data encrypted in transit

Internal data encryption:

In addition to encrypting API and web traffic, Reejig™ encrypts all internal traffic. All data at rest, from databases to file systems to caches, is encrypted using AES-256, managed through Amazon Web Services (AWS) Key Management Service.

Data access

Access to customer data is only provided to select employees to troubleshoot in the event of a customer issue that needs to be resolved. Arbitrary access is prohibited, and every access is logged.

Back-up

Reejig™ uses database replication and periodic snapshots to avoid data loss. In case of a data loss, we can use replicas to quickly recover to a known previous state.

Physical security

Reejig™ does not store any data on-premises. We use the secure data cloud for all data storage and processing, which complies with rigid security requirements.

Incident response

To guard against incidents, Reejig™ has procedures in place to disallow external access to data at short notice. We also have strict logging in order to identify all access.

Access control and provisioning

Reejig™ supports SAML-based provisioning Single Sign-On systems to leverage our customers authentication architecture, and also has an internal permissions-based account system.

Penetration testing

Reejig™ conducts periodic third-party security assessments to verify security controls.

Automated security assessment

Reejig™ uses best-in-market third party systems to automatically assess applications for exposure, vulnerabilities, and deviations from best practices.