Learn how Deputy keeps your data secure
View our security certifications, encryption standards, and other tools we employ to keep customer information safe.
Our Security Commitment
At Deputy, ensuring that our customers’ information is kept secure and safe is our highest priority. Deputy provides a platform built to the highest security standards, with a commitment to deliver the best customer experience for owners and users of the platform.
Below are some of the key features that keep your data secure
To provide world-class security, we ensure our platform meets key industry standards. Deputy is certified against ISO27001 standards for Information Security compliance and is PCI compliant for handling credit card transactions.
Deputy monitors our infrastructure using external and internal vulnerability scanning. We perform annual audits and security assessments with independent and globally recognised security assessment firms.
Infrastructure you can depend on
Deputy runs on AWS cloud infrastructure. We host customer instances between multiple Availability Zones in three regions (AU, UK, and USA).
Our Infrastructure is built over multiple availability zones and is designed in line with Amazon’s “Well Architected” Security principles to ensure that we achieve maximum security and performance from their environment. This is backed up by Amazon’s 99.99% uptime service level agreements to ensure that Deputy is always available.
Encrypted data and communication
Deputy uses Encryption both to securely communicate with our users and to store all customer information. Deputy uses only TLS 1.2 or higher encryption with restricted cipher sets for all website, mobile, and integration communications. On our backend, we encrypt all customer data at rest that is stored within our databases.
Passwords and Multi-Factor Authentication
Deputy provides a variety of options to keep your account secure. In addition to passwords, Deputy provides Multi-Factor Authentication capabilities on every user account using industry-standard one-time codes.
For corporate customers, we support integration with single sign-on providers like Okta, Azure, and Oracle. All login and password data is encrypted, hashed, and stored separately to customer data — so employees can use Deputy safely with multiple employers.
All customer data is kept logically separate through sharding of database partitions and multi-regional deployment. This ensures that there is no data overlap or loss of data integrity between customers.
Deputy provides role-based access levels so that employees, managers, and administrators can only view data that is relevant to them. This access can be customised to suit your needs.