How Celery protects your employee and employer information

Most questions about security come from companies that currently process their payroll using software installed on an office PC or server. I will try to compare Celery to this still common scenario.

Physical security

An office is often physically secured with a lock, alarm and sometimes even human security. Most people who work in the office have a key and the code for the alarm and manned monitoring happens within a relatively fixed schedule.

This situation may seem safe at first sight, but is highly susceptible to human factors. Alarm codes can be passed on and keys can be copied. Physical access to the PC or server with the payroll software installed is often unprotected. More often than not even the cleaning staff can plug a USB stick into the computer. This could quite easily lead to physical or virtual theft, allowing sensitive data get into the hands of third parties.

Celery software and all user data stored within are hosted in Tier III data centers. These data centers utilize different security zones, 24/7 manned security, camera surveillance and biometric access to the server rooms. Access to the server rooms by third parties is only permitted provided that authorization is granted and that the person is at all times accompanied by an authorized and verified employee of the data center.

The probability that a PC or server in an office environment is stolen or accessed by unauthorized third parties is much greater than unauthorized physical access to one of the Celery servers.

Encryption of data

Current providers of desktop payroll software do not encrypt your data. If a malicious third party or curious employee gains access to the payroll software he or she can read all sensitive data directly from the database.

At Celery we do everything in our power to prevent your information from falling into hands of third parties, but if that were to happen the most sensitive data is encrypted. That means that even when unauthorized physical access to our servers has occurred, your data and your privacy are safe. At present, we encrypt names and addresses using AES-128 and passwords using scrypt. In addition, our daily off-site backup is encrypted using AES-256. These kinds of ciphers take many years to crack, even with massive computing power, and have therefore become an industry standard for strong data security.

To prevent interception of data that is entered or requested via a web browser we use TLS (Transport Layer Security) and HTTPS on all our end points. A “lock” icon next to the web address indicates this type of encryption.

We even send email to our customers and users via encrypted channels, if supported by the receiving party.

Availability and Continuity

This probably sounds familiar. On the day the payroll must be processed the PC holding the software crashes due to a software error or parts that are damaged by power outages and old age. In the office situation this often means buying a new PC or server and using a backup of the software to reinstall the PC. This takes days and many times the backup copy turns out to be bad or outdated.

All our servers are set up redundant. That means that each server is connected to two separate back-up generators through two different power supplies. Hard drives are mirrored using RAID 10, allowing multiple disks to fail without noticeable consequence. Server memory is redundant and even the Operating System is installed in two different places.

We strive for an uptime of 99.9% and proven ourselves for the past 2 years.

In the event that a fire would break out, which is highly unlikely since our data centers have Argon fire extinguishing systems, we fall back on our Disaster Recovery Plan. This plan is regularly tested and helps us to be fully operational again in a few hours. A combination of off-site backups and a robust technical environment serves as a basis for this.

When was the last time you tested your Disaster Recovery Plan?

Product Security

Besides all the obvious security we also pay attention to the security of Celery itself.

During the development of Celery the OWASP Top 10 is kept close, enabling us to write robust and secure code. Common vulnerabilities such as Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF) and SQL Injection (SQLi) are already addressed at an early stage this way.

Besides an automated vulnerability scan on a daily basis we have Penetration Tests performed every six months. Independent security experts put Celery through a detailed series of test, covering the entire platform.

Celery also provides user levels in order to prevent unauthorized users from accessing sensitive information. At the moment we have the following levels: Account Administrator, Account User, Business User and Employee.

Our sign in page is protected against “brute force attacks” utilizing a maximum number of failed sign in attempts. After five failed attempts, the user account is locked and an email is sent to the user with instructions on how to unlock his or her account.

Celery sends out emails about generated payslips, reports, invoices and received payments. All of these emails are digitally signed using DKIM (DomainKeys Identified Mail) and DMARC (Domain-based Message Authentication, Reporting and Conformance). These are standards developed and utilized by Google, Yahoo, Microsoft and Verisign and ensure that Celery is a verifiable sender.

Many bricks make for a strong wall

By taking an end-to-end approach we can offer a user friendly and secure online product with confidence. With Celery we strive to provide a service that is more secure and offers better insights than you ever could and wanted to create within an office environment. Since we can spread the investment to do so over all our clients, you pay only a fraction of the normal cost that this kind of effort entails.

Do you have specific questions or concerns about the security of Celery? Send an email to security@celerypayroll.com. We are always interested in feedback.