Security

We are dedicated to maintaining the highest levels of security and compliance.

Your network is internally controlled and there are no external entry points for bad actors.

Workrede provides employers with a secure and compliant way to engage with their frontline workforce. When leveraging the platform on mobile or desktop, you can rest assured that your data and content is safe.

Organizations and users across the world entrust Workrede with their data, and we make it a priority to take security and privacy concerns seriously. We place a premium on ensuring the safety of our systems. Learn more about our approach:

AWS: Secure Physical Location. Our servers are located in Amazon’s AWS Data Centers. A detailed explanation of AWS’ security procedures can be found at https://aws.amazon.com/security/ and https://aws.amazon.com/compliance.

SOC 2 Compliance: Workrede has met a voluntary compliance standard for service organizations, developed by the American Institute of CPAs (AICPA), which specifies how organizations should manage customer data. We provide this report to prospects and customers who expect an enterprise-grade, secure, and compliant software platform.

Multi-Step Authentication: Private Workrede networks can only be accessed with a valid username and password and a unique organization ID key, preventing unauthorized users from accessing private networks and an organization’s data.

Traffic Data Encryption: Workrede uses 256-bit AES, supports TLS 1.2 for all of your messages and uses the ECDHE RSA Key Exchange Algorithm. We monitor the security community’s output closely and work promptly to upgrade Workrede Services to respond to new vulnerabilities as they are discovered.

External Security Audits: We contract with a respected external security firm who performs regular audits of Workrede to verify that our security practices are sound and to monitor Workrede service in light of potential vulnerabilities discovered by the security research community.

Revoke Access: Upon dismissal or disassociation with an organization, an employee or organization affiliate user’s access to an organization’s network and related content and messaging capabilities can be removed and restricted.

PHI and HIPAA Compliant Messaging: Workrede meets all required criteria of HIPAA regulations ensuring the protection of personal health information and related data.

Availability

We realize that our end users, and the organizations they represent, rely heavily on continuous and uninterrupted access to the Workrede application in order to conduct business. As a result, it is our commitment to you that we are constantly focused on ensuring Workrede is reliable and consistently available for your continued use. The Workrede platform is designed to withstand availability issues and unscheduled downtime through continuous application uptime and customer support monitoring, and by practicing server and operational redundancy standards and employing disaster recovery measures.

Confidentiality

Your privacy and the confidentiality of your organization’s data is very important to us, and it is our priority to protect it. We regard the information you share within your organization as private and confidential to your organization. In order to provide your organization, employees, and affiliates with the ultimate user experience and a fully functional application, it is necessary for Workrede’s technical employees to maintain sufficient system permissions to access system source code and indirectly your organization’s content. As a result, we have implemented strict controls over our employees’ access to data and we are committed to limiting access to your organization’s data solely for the purposes of maintaining and improving the Wokrede platform. We require all of our employees and contractors to acknowledge and agree to our policies regarding user data privacy and protection.

 

If you have additional questions regarding our data protection and privacy policies, please contact us.