Commitment to Security

When entrusting business-critical information to an outside provider, security is critical. Symphony provides a safe and secure processing environment for your data with the following components:

  • Secure facilities
  • SOC1 SSAE16 (SAS 70) Type II Audited Environment
  • Electronic and physical security
  • 24/7 monitored electronic office security
  • Secure shipping and receiving areas
  • Secure tax processing areas
  • Redundant network availability
  • Redundant backbone router access
  • Redundant high-speed internet access
  • Redundant off-site real-time duplication servers
  • UPS battery backup
  • Environmental systems to maintain optimal conditions
  • Temperature and smoke detectors with broadcast notification

A Highly Secure Approach

Symphony’s remote client uses Thin Client technology, which transmits messages between client and server using a custom protocol based on a proprietary format over TCP/IP. Thin Client deploys a RAS server as a proxy that acts like the server to remote clients while preventing any access to the actual database server. Messages between RAS and remote clients are encrypted and compressed, and the encryption key is transported by the encryption protocol that runs between the Remote Client and the RAS proxy. Thin Client uses the Blowfish algorithm with a 256-bit symmetric encryption key, leveraging SSL to create the encryption key dynamically. The algorithm is active only when the client connects to the server, and the system cannot store passwords locally in a browser. Additionally, Thin Client does not store a local copy of the payroll database.

Secure Data – Storage and Digital Encryption

An internet search for “payroll breach hackers” yields tales of security failure at large super-regional and national payroll providers. Hackers have successfully poked holes in security defenses, often exploiting vulnerabilities in browser software. Symphony made the conscious decision to offer a better security approach that eliminates risk from the weakest link in the security chain: accessing payroll data in an internet browser and leaving unencrypted data on client computers.

Unencrypted Data

Unencrypted data is low-hanging fruit for hackers deploying malware, Trojan horse programs and “phishing” schemes. Users can knowingly or unknowingly store user IDs and passwords in browsers. These stored credentials become highly vulnerable to attack. In addition, many payroll systems store a local database on client computers and then move files back and forth between the payroll servers and the client via FTP. The database file on a client computer is vulnerable to unauthorized access.