HRToolbox, Inc. has pioneered a way of delivering advanced human resources
and international assignment management functionality to companies via the
Internet. Although the Internet provides many benefits, the way in which
personal data is transferred through the public domain and ultimately
stored must be thoroughly scrutinized to ensure the highest level of
integrity and security.
The HRToolbox service was designed and constructed with the Internet
in mind. We paid special attention to scalability, manageability, and
usability when designing and building our solution.
Service Architecture and Secure Communications
Anyone using an Internet Explorer 5.0 or greater browser or a
Netscape Communicator 4.0 or greater browser can access our site from
anywhere in the world using the latest in security technologies, including
Verisign's Global Certificate, which allows users outside of the United
States to access our servers using 128-bit encryption.
The technologies used involve a combination of Secure Sockets Layer
(SSL) and certificates. SSL is used to encrypt any information transferred
from a web browser to a web server and vice versa. There are two levels of
encryption used: 128-bit and 40-bit. The stronger of the two is 128-bit
encryption and is available today within the United States and, through
the use of a Global certificate, can be utilized outside of the United
States. Therefore, users outside of the United States with the appropriate
browser technology can also utilize the stronger of the two protocols.
When a user logs in to the service, the web server will determine the level
of encryption supported by the browser and establish the appropriate
connection.
SSL ensures that the communication between two parties cannot be
listened to, but it does not ensure that both parties are who they claim
to be. This is the job of the certificate. A certificate is issued to an
individual or corporation by a Certificate Authority, such as Verisign,
after an extensive background check has been performed to verify the
identity of the individual or corporation. This certificate is then
installed on their server, allowing anyone who accesses their site to
know for certain with whom they are communicating. The HRToolbox service
grants access to clients through a username and password. Therefore, the
identities of both parties can be validated.
Through SSL and certificates, we can safely assume that no one can
eavesdrop on our communications and that the identity of all parties
concerned can be verified.
Application Security
In addition to the technologies discussed above, the HRToolbox service was
designed to track any access to the system and the subsequent changes made
during a given session. Each time a request is made, it is logged, the
identity of the user is verified, checks are made to ensure that the user
has authority to view the information requested, and the changes made are
logged in a sophisticated audit log. Therefore, we can tell the last time
a record was modified, who modified it, and what the previous values were.
Further measures are taken with respect to the user login. Each attempt
to log in is recorded as well. If the user fails to log in after five (5)
attempts, the account will be disabled and it will have to be reactivated
by the HRToolbox team. This measure will prevent anyone from using
"brute force" measures to gain access to client data.
Data filters have also been added to allow administrators to define
what each user has authorization to view and/or edit. This feature will
allow users to see only the data they have a need to see. For example,
users in London may only need to manage information associated with
assignees who were based in London. The Super User will have access to
the entire system and can report across the entire population.
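
The request logging, location data filter and audit log described above, sketched as an added example (this is not HRToolbox code). The class, field and user names are hypothetical, the sample records are constructed, and the caller's identity is assumed to have been verified already.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

@dataclass
class User:
    name: str
    locations: frozenset      # data filter: locations this user may view/edit
    super_user: bool = False  # Super User sees the entire population

@dataclass
class AssigneeStore:
    records: dict             # record id -> dict of field values
    request_log: list = field(default_factory=list)
    audit_log: list = field(default_factory=list)

    def update(self, user, record_id, changes):
        """Log the request, apply the data filter, then record old and new values."""
        record = self.records[record_id]
        allowed = user.super_user or record["location"] in user.locations
        now = datetime.now(timezone.utc)
        # Every request is logged, including the ones that are refused.
        self.request_log.append((now, user.name, record_id, allowed))
        if not allowed:
            raise PermissionError(f"{user.name} may not edit record {record_id}")
        for key, new in changes.items():
            old = record.get(key)
            if old != new:
                # Keep the previous value so the change can be reviewed later.
                self.audit_log.append({"when": now, "who": user.name, "record": record_id,
                                       "field": key, "old": old, "new": new})
                record[key] = new

    def last_change(self, record_id):
        # Most recent audit entry for a record, or None if it was never modified.
        entries = [e for e in self.audit_log if e["record"] == record_id]
        return entries[-1] if entries else None

def demo():
    # Constructed sample data, not taken from any real system.
    store = AssigneeStore({1: {"location": "London", "allowance": 1000},
                           2: {"location": "Tokyo", "allowance": 2000}})
    london = User("london_admin", frozenset({"London"}))
    store.update(london, 1, {"allowance": 1200})       # inside the filter
    try:
        store.update(london, 2, {"allowance": 9999})   # outside the filter
    except PermissionError:
        pass
    return store
```

The refused request still appears in the request log, while the audit log only gains an entry when a value actually changes.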
Our site navigation is also secured. The administrator can define which
links a user may access and therefore grant or deny access to certain areas.
For example, finance administrators in certain locations may only need to
manage payments for a specific group of individuals. Our site navigation
and data filter technologies will enable an administrator to grant these
features with very little effort.
Safe Harbor Certification
HRToolbox is also a self-certified member of Safe Harbor and has complied
with the principles necessary to become a member. This membership helps us
to comply with the European Commission's Directive on Data Protection.
To read more information on the Safe Harbor principles, go to the U.S.
Department of Commerce Safe Harbor website at www.export.gov/safeharbor.