Discover our features
Want to know all the features available on PayFit ? Here is a detailed list.
Payroll and declarations
Security audits
Use of technology such as Sentry and AWS Cloudtrail to provide an audit trail over its infrastructure and the PayFit application. Auditing allows to perform ad-hoc security analysis, track changes made to the PayFit setup and audit access to every network layer.
Run of a private bug bounty programme on HackerOne to identify and mitigate security threats. Access to this programme is by invitation only.
Hosting & network
Management of all hosting facilities directly by Amazon Web Services, according to ISO 27001.
All transmissions between client and server and to external systems are performed through end-to-end HTTPS encryption.
PayFit's network splits into subnetworks, each handling a specific function, both for performance and security enhancement.
Separation of testing and production environments.
Isolation of PayFit network from the Internet, with the exception of a single entry point (proxy). Each point inside the network follows strict firewall rules.
Protection of access to PayFit systems through AWS and Kubernetes rights management.
Access to data, by authorised staff members, is only allowed through a VPN protected by 2FA authentication.
Monitoring and log of data transmission from IT systems that store or process personal data.
Synchronisation of all servers through an AWS NTP server.
Data
Data storage and backups situated in France.Encryption of all stored data in transit and at rest, including any backup copies.
Data anonymisation or non-transmission to sub-processors.
Mandatory user authentication by email and password (controlled by a strict policy) with the option of two-factor authentication (2FA) via SMS token authentication.Internally, data access, for authorised staff members, is only allowed through a VPN protected by 2FA authentication.
Data transmission through TLS/SSL only with HSTS and perfect forward secrecy fully enabled. PayFit is graded as an "A" rating on SSL Labs' tests.
Access to customer data restricted to identified teams, with a proportional and justified reason to do so. Systematic log of such access.
How does PayFit compare to an outsourced payroll solution?
PayFit's hybrid approach combines the best of two worlds - outsourcing, and in-house payroll. With PayFit, you get the control and visibility of a fully automated, cloud-based payroll software, AND dedicated support from CIPP payroll experts* (*Standard or Premium package).
Gestion du personnel
Security audits
Use of technology such as Sentry and AWS Cloudtrail to provide an audit trail over its infrastructure and the PayFit application. Auditing allows to perform ad-hoc security analysis, track changes made to the PayFit setup and audit access to every network layer.
Run of a private bug bounty programme on HackerOne to identify and mitigate security threats. Access to this programme is by invitation only.
Hosting & network
Management of all hosting facilities directly by Amazon Web Services, according to ISO 27001.
All transmissions between client and server and to external systems are performed through end-to-end HTTPS encryption.
PayFit's network splits into subnetworks, each handling a specific function, both for performance and security enhancement.
Separation of testing and production environments.
Isolation of PayFit network from the Internet, with the exception of a single entry point (proxy). Each point inside the network follows strict firewall rules.
Protection of access to PayFit systems through AWS and Kubernetes rights management.
Access to data, by authorised staff members, is only allowed through a VPN protected by 2FA authentication.
Monitoring and log of data transmission from IT systems that store or process personal data.
Synchronisation of all servers through an AWS NTP server.
Data
Data storage and backups situated in France.Encryption of all stored data in transit and at rest, including any backup copies.
Data anonymisation or non-transmission to sub-processors.
Mandatory user authentication by email and password (controlled by a strict policy) with the option of two-factor authentication (2FA) via SMS token authentication.Internally, data access, for authorised staff members, is only allowed through a VPN protected by 2FA authentication.
Data transmission through TLS/SSL only with HSTS and perfect forward secrecy fully enabled. PayFit is graded as an "A" rating on SSL Labs' tests.
Access to customer data restricted to identified teams, with a proportional and justified reason to do so. Systematic log of such access.