Security

ACCOMMODATION

Our site is hosted by Amazon Web Services (AWS), which is one of the most recognized hosting companies in the world. This hosting gives us several advantages:
  • Secure infrastructure
  • Dynamic capacity: servers automatically adjust when additional capacity is needed or when there is a production peak on our platform, preventing outages and loss of access to your account and data.
  • Servers and replacement environments: the servers are located on three different sites, which means that if one of them breaks down, the other two take over instantly. If the breakdown causes Stafiz to stop working on one of the sites, the settings allow a new environment to be recreated in a few minutes.

SECURITY MEASURES

The security of the site is ensured by various means:
  • Hosting security: see above
  • System security: Stafiz software is developed on Laravel which contains many levels of security at the heart of its functions.
  • Cybersecurity: the software code is protected against all "classic" hacking attacks: SQL injections, cookie theft, MITM, XSS, etc.
  • HTTPS connection: RSA 2048 bits (SHA256withRSA). We have the A notation on SSLlabs.
  • Activity on the platform is carried out through secure logins, and alerts are automatically sent to our teams when an action triggers one of the many security checks we have defined.
  • Confidential data (names, passwords, etc.) are encrypted.
Our software has been audited by an external consulting firm that performs pen tests on the code. These audits are replicated regularly as lines of code are added to the software, especially when complete bricks are added.

RIGHT OF ACCESS

User access rights are set by your company's administrators. If a user tries to access a page for which they are not authorised, they will be blocked and an alert will be sent to our technical/security services for investigation.

SERVICES

DILYNX SAS undertakes to keep the service operational and online 24 hours a day, 7 days a week, 365 days a year, with an average annual availability rate of 99.8%. Penalties may be applied if this commitment is not met: the fixed amount of the penalties will be equal to 30% of the monthly fee for the period during which the rate of unavailability exceeds the contractual commitment. In order to benefit from the penalties, the Customer must submit a written request to Stafiz within 5 (five) working days of becoming aware of the non-compliance with said commitments. Any incident may be reported to Stafiz by telephone or e-mail. Each time an incident is opened, it is given a unique identifier to ensure that the incident can be tracked until it is closed. Incident handling begins with classification:
  • Blocking incident: an essential functionality can no longer function even partially. The deadline for resolution or implementation of a workaround is 1 working day from the time the incident is reported.
  • Inconvenient incident: The service is disrupted but can function although the level of service cannot be guaranteed. The resolution time is 3 working days from the time the incident is reported,
  • Minor incident: The Service is not disrupted and can operate at the level of service provided. The response time is 30 working days from the time the incident is reported.

BACKUPS AND REVERSIBILITY

All the data you entrust to us is stored using the AWS RDS system, and replicated on several servers in different geographical areas to ensure maximum security against loss. Copies of the database are made daily and stored for 30 days. As a Stafiz user, you can also extract all your data at any time via the export pages provided in the tool. Data reversibility during subscription or up to 30 days after the end of subscription.