Payroll Trust & Security Center
See how Paper Trails ensures all of our people are working to protect all of your people at all times.
Reliable and secure payroll and HR
Paper Trails has spent 20 years (and counting) safely and securely delivering payroll and human resources technology and support to our clients. We are keenly aware of the significance of operational risk management and cyber security in today’s digital landscape. We are dedicated to regularly evaluating and enhancing our risk and security practices. Our ongoing investments in skilled personnel, effective processes, and up-to-date technologies are focused on providing reliable protection for our customers, partners, employees, and assets. This commitment to security is a fundamental aspect of our operation, ensuring that we responsibly manage and safeguard sensitive information.
Our commitment to your security.
Paper Trails’ approach to security is both dedicated and systematic, ensuring the utmost protection of your business and employee information. Our strategy is comprehensive, addressing various aspects of data security in the payroll and HR services sector.
Multi-Layered Defense System
We implement a robust defense system layered with advanced security measures. Here at Paper Trails, we keep all of our internal systems and firewalls up to date. We have significant email security software, including our secure email platform, that assists in preventing private data from being sent via unsecure email. Our firewalls also feature intrusion prevention and detection software to assist us in preventing a breach.
Strict Access Controls
At Paper Trails, we implement stringent controls and continuous monitoring to safeguard sensitive client data. Our system utilizes role-based access protocols, ensuring that only authorized personnel can access specific sets of data. This approach is crucial in maintaining the confidentiality and integrity of client information. Further, dual controls are used for access to client funds and access to critical data systems. Our IT team constantly monitors access logs, enabling us to swiftly identify and respond to any instances of unauthorized access. This vigilant approach to access control plays a vital role in our comprehensive data security strategy.
Regular Security Audits
To maintain and enhance our security posture, Paper Trails conducts periodic audits that serve as a critical component of our security strategy. These audits are instrumental in assessing the current state of our security systems and processes, allowing us to identify any potential weaknesses. Following each audit, we take proactive steps to implement necessary updates and enhancements. This systematic approach ensures that our security measures are not only up-to-date but also effective in countering emerging threats, thereby fortifying the overall protection of our client's data.
Licensing, Bonding & Insurance
Paper Trails is licensed and audited by State agencies as an added assurance and independent review of our practices. We are bonded and insured to the highest levels to protect client funds in the event of a breach.
isolved's approach to safety.
Our payroll technology partner, isolved, is deeply committed to ensuring the highest standards of security and integrity. Recognizing the critical importance of protecting sensitive information in today’s digital landscape, isolved has established comprehensive and robust security measures. This program is designed to safeguard customer data against various security threats and unauthorized access, reflecting an ongoing commitment to protection and compliance with regulatory standards.
Comprehensive Security Program
isolved maintains a thorough and formal program dedicated to the security of client data. This program includes measures to protect against security threats and prevent unauthorized access to customer data. A significant aspect of this program is a continuous review process conducted by third-party auditors, ensuring ongoing compliance and effectiveness.
External Audit & Compliance Standards
The security program of isolved, in collaboration with its cloud service provider Microsoft, is based on the Statement on Standards for Attestation Engagements (SSAE) 18, a standard set by the American Institute of Certified Public Accountants (AICPA). The completion of the SSAE 18 audit, including the annual SOC 1 Type 2 report, provides companies with confidence in isolved's products. This report covers various aspects of isolved's offerings, including the SaaS platform, payroll and tax filing services, and legacy Timeforce II SaaS solutions.
Data Segregation & Two Factor Authentication
The isolved application features a multi-tenant SaaS architecture, ensuring data segregation and security at multiple levels. This includes role-based access controls down to the employee level and two-factor authentication for additional security. The logical access within the isolved platform and its data centers is stringently controlled, adhering to best practices in security.
Consistent staff training.
At Paper Trails, we understand that a well-informed team is crucial in maintaining robust security measures. Therefore, we place a significant emphasis on continuous staff education, making it a central pillar of our security strategy. Our approach involves keeping our employees fully up-to-date with the latest developments in cybersecurity and equipping them with the knowledge and skills necessary to effectively safeguard client data.
Ongoing Training Sessions
We consistently conduct comprehensive training sessions to ensure that all staff members are well-versed in the latest security protocols and practices. These sessions are designed to keep our team abreast of the continually evolving landscape of security risks.
Diverse Training Content
Our training covers a wide array of topics critical to data security, such as the newest phishing tactics, effective password management best practices, and the principles of maintaining data confidentiality. We test each employee with phishing and vishing attempts to keep them alert and aware. This diverse range of subjects helps in building a well-rounded understanding of cybersecurity among our staff.
Case Studies & Real-World Scenarios
To enhance practical understanding, our training sessions incorporate discussions on case studies and real-world scenarios. This approach not only bolsters our team's ability to identify potential security threats but also prepares them to respond promptly and effectively.
Client facing educational resources.
Paper Trails is dedicated not only to securing our internal processes but also to empowering our clients with the essential knowledge to protect their own data. We understand the importance of a collaborative approach to security, where both service provider and client are well-informed and prepared to tackle security challenges.
Our clients have access to an extensive range of materials including regular newsletters, detailed guides, and blog articles. These resources cover a broad spectrum of topics including best practices in data security management, ensuring our clients are always informed about the latest developments in data security.
Easy Access through Our Online Portal
All these educational materials are conveniently available through our website. This ensures that our clients can easily access and utilize these resources at their convenience, staying informed and prepared against potential security threats.