WorkTango is committed to securing your information
We know your employee data is essential and needs to be protected no matter where it resides.
WorkTango has adopted the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) including standards, guidelines, and best practices to manage cybersecurity-related risk.
Our controls are designed to meet the requirements for System and Organization Controls (SOC) reporting, leveraging both NIST and International Organization for Standardization (ISO) 27001.
Verified enterprise-level protections
WorkTango proactively tests our adherence to available industry standards.
We have achieved SOC 2 attestation, governed by the American Institute of CPAs (AICPA). The SOC 2 examination is performed by an independent accounting firm and demonstrates our ability to meet the AICPA Trust Services Category for Security.
Data protection laws and regulations
WorkTango’s Data Privacy Program is aligned with the requirements of GDPR and monitors the data protection landscape across various relevant jurisdictions as well as laws at the national and state levels.
WorkTango complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Our Data Protection Addendum adopts the Standard Contractual Clauses promulgated by the GDPR in jurisdictions where it applies. Our service is regularly audited to ensure compliance with relevant laws and regulations.
Data security and access safeguards
Customer information is encrypted both during transmission, at rest, in production environments and during backups using industry standard protocols. The WorkTango platform is securely designed to provide customers with various features to configure (e.g. Single Sign-On) the logical security of their users’ environment in accordance with customer security policies.