Security

Reframe’s top priority is ensuring the security of our customer’s data and maintaining customer trust, ensuring that you are in control of your data.

We’ve established and ongoingly maintain the highest enterprise standards around security and privacy, keeping your data and your employee’s data secure every step of the way.

Reframe’s ongoing commitment to security drives us to consistently perform reviews of our eco-system such as penetration testing and compliance audits.

Enterprise Grade Infrastructure

Reframe is hosted on Amazon Web Services (AWS), and utilized services within the AWS platform, allowing us to leverage the security and compliance that exists within these services. The Amazon Web Services data centers implement strict physical and cyber security protocols, and SOC 1, SOC 2, and SOC 3 compliant/certified.

Enterprise Data & Application Security

Data Encryption

Data in-transit is encrypted using TLS 1.2, and data at-rest is encrypted via OpenSSL using AES-256 and AES-128 with MAC signing. Furthermore, all data at-rest is additionally encrypted in our native AWS data stores using native AWS encryption technologies.

Permission

Access to your employee’s data is accessible only to users within your workspace with the appropriate level of permission, with all controls over these permissions in your hands.

Single Sign-On

Through integration with multiple popular enterprise-grade HR tools, Reframe offers a single sign-on experience that allows you to access our services by utilizing your existing accounts on these services.

Incident Handling

As part of our ongoing commitment and maintaining trust, Reframe will report any security breaches within 48 hours of occurence, and vulnerabilities will be addressed immediately by our security team.

Compliance

GDPR (EU)

Reframe is GDPR compliant, ensuring that organizations in the EU can rest assured that their data is being handled in compliance with their local laws.

PCI

Reframe is PCI-compliant, and handles all payment processing using Stripe with the support of tokenization, ensuring that credit card information is never stored on our servers.

Ongoing Commitment To Security

Secure Software Development

Reframe’s software development lifecycle and processes place much focus on ensuring security through testing for vulnerabilities prior to releases.

Penetration Testing

Reframe works with industry leading security firms to perform penetration testing at every layer of our platform’s ecosystem, with immediate remediation.

Security Team

Reframe’s Security Team is responsible for reviewing all aspects of the overall maintenance of our security procedures including but not limited to auditing, testing, remediating, and updating policies.

Contact Our Security Team

Do you have any questions regarding Reframe’s security?