Security and Compliance
Information security is a key company priority at LiveHire and we manage robust security controls to enhance the confidentiality, integrity and availability of our information assets and systems.
Our key objective is to safeguard customer data and our security controls are driven by a comprehensive risk management framework that governs many aspects of LiveHire’s business operations.
Being a cloud native company, LiveHire takes necessary precautions to ensure all client and user data never leave the secure cloud environment and are always protected under the highest standards.
Protecting Your Data
Security Compliance - ISO 27001 Standard
LiveHire is an ISO 27001 certified organisation. We undergo external audits on an annual basis.
This certification assesses and evaluates our information security management system (ISMS) against the ISO 27001: 2013 standard. It ensures that we have met our key objectives by assessing all the relevant risks and are implementing controls to protect our customer information from misuse, interference, or loss, and from unauthorized access, modification or disclosure.
Security Compliance - SOC2 Report
LiveHire has achieved SOC 2 Type 1 Attestation.
System and Organization Controls (SOC 2) attestation are based on the Trust Services Criteria defined by the AICPA and reports on controls relevant to security, availability, confidentiality, and privacy.
You can now download the report from our security portal.
LiveHire’s data processing practises and policies are aligned to key principles of global privacy laws and will be continually reviewed and strengthened as part of a comprehensive roadmap to ensure compliance with GDPR requirements across 2022.
LiveHire secures data in motion and data at rest using strong encryption methods such as TLS 1.2 or above and AES-256 respectively. These are industry standard cryptographic protocols, utilizing strong encryption algorithms while disabling insecure ciphers to ensure the information is reasonably protected against unauthorised interception both in transit and at rest.
LiveHire has implemented a Business Continuity and Disaster Recovery Plan that accommodates for a wide range of scenarios affecting the availability of our services. Our security incident management and data breach procedures ensure any issues are dealt with quickly and appropriately. Uptime and functionality is our primary goal and LiveHire’s uptime has historically been 99.99%.
Data Center Security
LiveHire is a 100% cloud native company provisioned in highly secure Tier 1 Data Centers hosted by Tier 1 Cloud Service Providers (CSP) - primarily Amazon Web Services (AWS).
Our CSP has robust controls to protect the physical servers hosting LiveHire information. On a yearly basis, LiveHire reviews the ISO 27001 scope and SOC2 reports of our CSP, to ensure adequate assurance on security controls.
LiveHire engages with external consultants and security teams periodically to assess and remediate any threats to the security of our cloud network setup and platform. These teams perform state-of-the-art vulnerability scans and penetration tests to ensure continuous system stability and enterprise-grade security.
Software Development Life Cycle
LiveHire utilizes a modern Development Life Cycle and Operations posture driving full monitoring and impact assessment of any code change before deploying to production environments. Developers undertake security training and engage in Threat Modelling to ensure that we have strong security mechanisms in our LiveHire application code, adhering to good security principles such as Defence in Depth and Least Privilege.
Third Party Disclosure
LiveHire only works with Third Party service providers that are chosen after a strict review and to be in compliance with LiveHire policies and processes as well as country-specific regulations. LiveHire does not sell or trade customer information to third parties and strictly follows all confidentiality requirements of client data.