Vendor management company, expressHR has taken on new database security tools to protect against insider threats and independently audit security levels.
The new database assurance platform will secure the sensitive personal details of 70,000 people every month in its systems that are used by more than 14,000 users across the UK every year to manage the provision of temporary, permanent and contract staff for a number of recruitment agencies and other organisations.
Data held by expressHR process over £300 million of temporary labour spend, including banking information, salaries, pay rates, charge rates, CVs and other personal details which must be protected by law.
Paul Raine, expressHR operations director said: “It is very important for any organisation which operates in the recruitment sector to safeguard the large amount of personal data that is handled daily.”
Initially expressHR will use the security database platform from vendor Secerno to monitor the state of security but over time Secerno, using a software-as-a-service (SaaS) delivery model. It’s SQL audit, reporting and analysis capabilities will allow the company to block abnormal behaviour and build up a personal profile for each and every user accessing the service and demonstrate compliance.
The company has also chosen to deploy the service, which is also designed to stop SQL injections and other hacking attempts, in association with traditional penetration testing and application testing to protect against external attacks.
“Now that perimeter defences are no longer watertight, it’s essential to have technology that can effectively protect your applications right up close,” said Raine. “Secerno gives us protection where we need it most – right in front of our most important asset, our data.”