Platform Security Overview
Invite others in your organisation, or accounting partners, to collaborate on specific sections of your claim. Our robust role-based authorisation ensures sensitive financial and pay details are only accessible to named individuals.
We support multi-factor authentication for all users and require it for users who access sensitive financial and pay details. We encourage the use of industry-best-practice OTP authenticator apps but also support SMS based 2FA.
To help protect user accounts and company information we’ve implemented industry best practices for user passwords by enforcing a level of complexity, preventing the use of common passwords and locking accounts after a number of failed login attempts.
All web traffic to and from our platform is encrypted by default and our encryption certificate rates A+ using the Qualys SSL Labs test (the highest possible rating).
Our platform is subject to third-party, CREST approved penetration testing and vulnerability audits.
We use technology partners who put security at the front and centre. Our platform runs on Amazon’s Web Services (AWS) which is an ISO/IEC 27001:2013 accredited platform. All servers that process and store customer data are in the the UK.
EmpowerRD is a Cyber Essentials (NCSC UK) compliant business.