Is my data safe in Kakitangan.com?

We strive to protect your data.

1. Storage:

We host our system on one of the best and most secure cloud infrastructures in the world, Amazon Web Services (http://aws.amazon.com/resources/gartner-2015-mq-learn-more/), ensuring our servers will be safe from any physical sabotaging.
We also purchase premium service on AWS data center that performs a daily backup on your data - so the worst case you're losing less-than-a-day data.

  2. Data transfer:

The data transfer from your computer/phone to the server are HTTPS encrypted hence protected from being hijacked and data leaked.

Note that Kakitangan.com is having a green color address bar in your internet browser - you should avoid those gray-color-icon websites.

  3. Access of data:

Finally, we also encrypt the data in our own databases so that access is restricted even within our company.

We have been PDPA-compliant audited by security auditor that audited Banks' online system.

Here's the report: http://bit.ly/PDPAcompliant

>

4. Bonus - What we did more than other vendors:

  • We hire professional auditor (they did security audit for Maybank2U portal) whom spent 8 months examining every single details of architecture and internal process control. To our understanding non of other cloud vendors in Malaysia is spending that much investment in security than us.
  • We purchase extra premium of data backup technology that the system makes a backup everyday, up to 7 days. If there’s system crash (touch-wood, where we haven’t had it yet), at most we lost 24 hours of data. Besides, Amazon also assign architect expert to work with us to solidify the infrastructure.
  • For your staff – they have respective access. A person’s data can only be accessed by him/herself, the direct manager line, and HR permission. The Payroll data can only be accessed by person who has payroll permission besides him/herself.
  • For us – internally we cannot access your staff profile and salary data. So all troubleshooting needs your screenshot etc, and sometime we need your authorization to troubleshoot. Other than that we don’t have access.