4 Questions You Should Ask about Data Security
4 Questions You Should Ask about Data Security

4 Questions You Should Ask about Data Security

When considering an HR or payroll provider, security is paramount. To handle your HR functions and to process your company’s payroll, the provider has all of your employees’ most confidential and crucial data. You should be asking, “What do they do to protect it?” Here are four key questions you should ask any potential providers about security.

1. Do you have an outside review of your systems such as a SOC 1 or SOC 2? If so, how often and when was the most recent?

Service organizations that affect the financial statements of their clients are often asked to provide a SOC 1 or SOC 2 audit report. These voluntary audits are performed by outside firms and assess the security of the service provider. Examples of companies that typically have SOC 1 or SOC audits include payroll processors, data centers, medical claims processors and Software as a Service (SaaS) companies. For example, Paycor does a SOC 1 audit annually.

2. What are you doing to protect your systems against attacks from the outside or inside the company?

Attacks from the outside can compromise your sensitive data. The provider should conform to best practices to protect their infrastructure and your data. Some defense measures include:

* Layered network security
* Network traffic encryption according to industry standards
* Network traffic monitoring to identify suspicious-looking activity
* Auditing and notification capabilities
* Regular third-party penetration tests and security assessments

To prevent attacks from the inside, or from the service organization’s employees, ask them if they have confidentiality policies and regular mandatory training for all employees about how to keep client data secure.

3. What are you doing to protect against fraudulent activity?

Many of the defense measures listed above also come into play when it comes to protecting against fraudulent activity. However, best-in-class service providers may also implement the following in order to detect and prevent fraud:

* Internal auditing and quality assurance practices
* Secure document shredding services
* Independent reviews and audits
* Employee reference checking
* Clear policies and standards for employees

4. What is my role as a client or user, and what are my responsibilities when using your product?

Clients and providers must work together to protect sensitive employee data. It doesn’t matter how many controls the provider has in place if the client leaves passwords where anyone could find them, or does not have processes to catch errors or fraudulent activity on the part of their employees. Many data security mishaps can be avoided if clear expectations are set from the beginning.


Want to learn more about keeping your data secure? Connect with a Paycor representative to discuss how we protect your most sensitive information.

More to Discover

Banker

The Hidden Costs of In-House HR & Payroll

The Hidden Costs of In-House HR & Payroll

For years, many small businesses relied on in-house resources to process payroll and keep up with tax filings. Outsourcing payroll to a company was often deemed too costly and most businesses hesitated to relinquish full control.But with the growth of HCM technology and a host of available solutions to manage all components of the employee lifecycle, resistance to outsource HR and payroll has greatly declined. If you’re torn between the two options, check out our infographic below which highlights the risk and hidden costs of shouldering the burden alone.

Case Study: Pawtucket Red Sox

Case Study: Pawtucket Red Sox

The Pawtucket Red Sox Save 80+ Hours a Year with Paycor Solutions “Paycor’s solutions are truly influenced by the professionals who use them. I personally made a suggestion for a product enhancement and it was implemented within months. That tells me Paycor is focused on providing a useful tool and quality experience for users and not just making another sale.” - Matt Levin, Senior Vice President/Chief Financial & Technology Officer Why the Pawtucket Red Sox Baseball Club Chose Paycor The Pawtucket Red Sox (Pawsox) are more than a professional minor league baseball club. They’re an organization that’s dedicated to positively impacting their local community. But since their HR & payroll technology was more of a burden than a...

Case Study: Carolina Taco

Case Study: Carolina Taco

After experiencing numerous tax filing and payroll processing errors, Carolina Taco and Prepared For You Inc. found a provider they could trust in Paycor. “My favorite thing about Paycor is the customer service. The team I work with is so helpful and responsive. They never leave me hanging and go above and beyond to answer questions and support our business.” - Diane Labiendo, Corporate Office Manager, Carolina Taco & Prepared For You Inc. Prior to Paycor Processing payroll was a time-consuming and frustrating experience. Not only did they experience multiple payroll and tax issues, but their previous provider failed to properly pay an employee’s child support. Phone calls searching for support often went unanswered, and HR is still...

What Happens if I Incorrectly Pay Employees?

What Happens if I Incorrectly Pay Employees?

Overpaying or underpaying employees seems like an easy problem to avoid. But it’s a serious challenge that plagues small and medium-sized businesses alike. In 2019 alone, the DOL collected a record $322 million in back wages for employees. With more crackdown and higher penalties, businesses need to be more prepared than ever before. But Penalties Aren’t Your Only Problems Keep in mind the DOL won’t be your only headache. Employee satisfaction, brand reputation and your bottom line are all at risk. To help, here’s everything you need to know should you ever incorrectly pay an employee. What Should You Do If You Overpay an Employee? Let’s start with the basics: According to the Fair Labor Standards Act (FLSA), employers that make a...