Security and Compliance

Safeguarding your HR data

Remote protects your business and your employees’ sensitive HR and payroll data with industry-leading security and compliance.

Enterprise-grade data protection and compliance

Remote offers a secure platform for global payroll, benefits, taxes, and compliance to help you grow your global team with confidence. We make the security of your data and the data of your employees a top priority.

Audited & Accredited

ISO27001 Certified & SOC 2 Compliant

We're SOC 2 compliant and ISO27001 certified, demonstrating our rigorous security policies and procedures.

These accreditations reflect our continuous effort to maintain the highest standards in security.

Our practices are regularly audited and verified by independent third-party auditors, ensuring a robust and reliable security posture that you can trust.

Infrastructure security

Built-in security you can trust

We built our platform and our company with security in mind.

  • Our infrastructure lives in isolated networks with restricted, fully auditable access.

  • We protect our systems with advanced firewalls, which include security threat detection and prevention mechanisms.

  • To ensure both compliance and protection, we trust Amazon Web Services as our cloud provider, which complies with the strictest industry standards: SOC 1,2,3, ISO 27001/27017/27018, PCI-DSS

Business continuity and reliability

A dedicated security team at your service

Our dedicated Security team ensures your business is safe with comprehensive security practices:

  • Application security audits: We test for vulnerabilities and maintain audit logs of application accesses and changes to bolster network security.

  • Data security: We take the safety of private information and employee data seriously, so we encrypt all data both while in transit and while at rest.

  • Internal security: We follow the Least Privilege Principle to segregate system access to essential personnel only. All our internal tools and systems require SSO, and we conduct regular recertification and training sessions to meet our own rigorous standards.

Personal data protection is a key consideration when selecting a global EOR provider

When it comes to collecting and storing some of the most important personal information about your company and hires-including salary figures, addresses, bank information, and government-issued IDs-you can never be too careful.

Remote Data Protection Guard offers industry-leading policies, processes, and controls that ensure compliance with the world’s toughest privacy laws.

2FA and SSO

In order to provide stronger security for Remote users and their data, we have enabled two-factor authentication (2FA) and single sign-on (SSO) during login.

2FA requires users to provide a code sent to their mobile device via an authenticator app like Google Authenticator or Duo Mobile. SSO can be enabled on a company-wide basis, allowing users to log into the Remote platform securely using their company credentials.

Dependability to match

We don’t let our commitment to your data’s security slow you down.

99.999% uptime

Our tools and processes help us maintain 99.999% uptime.

Under 150ms

Our best-in-class product boasts industry-leading response times of under 150ms.

Daily backups

We continuously monitor applications and infrastructure, back up data daily, and ship applicational logs off site, where they are kept for 30 days.

Everything you need to build remote teams

We back up our security policies and procedures with external validation and certification from the top security institutions in the world.

General Data Protection Regulation (GDPR)

Remote complies with GDPR by ensuring data remains encrypted and secure no matter where it needs to travel. We empower your employees to modify or delete their personal data upon request, maintaining the highest standards outlined in the GDPR.

Industry-leading security features

All your sensitive information, including important documents and data, is encrypted and only accessible by the owner and internal platform administrators. We limit exposure to risk by purging all data that is not strictly necessary for business operations.

If you would like to contact us regarding security, please send an email to [email protected]/en-GB

Remote’s full suite of solutions

Security Form

Remote take the security of it’s customers very seriously and strive to continuously improve it. In this context the work done by the security research community provides an important contribution. If you find a vulnerability that affects Remote, please fill the form below including all the necessary details to reproduce the issue, therefore helping us to fix it promptly.

Report a security vulnerability

Remote's Vulnerability Disclosure Program is critically important to us. We are constantly monitoring our platforms to protect and improve security. If you find a potential weakness, please notify our Security team so we can investigate.

1

Frequently asked questions

Payroll security refers to the measures a company must take to protect its payroll data and financial assets from potential threats, such as fraud, data breaches, and unauthorised access. It requires the implementation of numerous safeguards, including safe data handling practices, a secure IT infrastructure, and strong security policies and procedures.

Payroll abuse (also known as payroll fraud) occurs when an employee or a malicious party exploits vulnerabilities in a company’s financial management system to misappropriate funds.

There are numerous risks in payroll, such as:

  • Inaccurate calculation of taxes

  • Non-compliance with local labour laws

  • Cyberattacks

  • Human error

  • Inaccurate record-keeping

If your organisation is international, it’s essential to be aware of and comply with the payroll regulations and tax systems in your employees’ countries. Failure to do so can result in hefty penalties and fines, as well as reputational damage.

If you’re outsourcing to an unknown third-party payroll provider, you may also face risks such as loss of control, data breaches, poor service quality, or non-compliance with regulations by that third party. This is why it’s crucial to outsource to a trusted, reliable provider.

Finally, you should be aware of internal fraud risks, including:

  • Ghost employees

  • Falsified hours

  • Inflated commission schemes

  • Pay rate manipulation or alteration

Payroll records can be compromised in a number of ways. They can fall into the wrong hands due to insider threats (e.g., data theft by a disgruntled employee), or through external attacks. If your company uses outdated systems with known vulnerabilities, you may be particularly susceptible to such threats.

Many breaches occur as a result of the following methods: 

  1. Phishing attacks. Attackers can trick payroll team employees into revealing their login credentials, giving them unauthorised access to payroll systems.

  2. Malicious software. Malware and viruses can damage systems, steal data, or simply disrupt payroll processes.

  3. Ransomware attacks. This involves malicious software that infiltrates and encrypts your data. The attacker usually then demands a substantial ransom payment to restore system access.

To secure your payroll, you need to implement comprehensive security measures, including:

  • Strong encryption

  • Multi-factor authentication

  • Strict access control

  • Robust firewalls

If you’re outsourcing payroll, you need to ensure that your chosen platform is regularly updated and well supported, and that ISO-standard security protocols are in place. You should also regularly educate your people on best security practices, such as how to create strong passwords and how to recognise phishing attempts.

Finally, you should assess the ongoing effectiveness of your security by conducting periodic audits and risk assessments.