Security

We take your data seriously.
To guarantee the integrity and security of your payroll and workforce data, we adopt industry-leading practices and technology.
Enterprise-level security.
Trustworthy infrastructure
Definitiv is backed by secure Amazon Web Services technology, with 99.5% uptime service level agreements. Plus, all data is secured only on Australian data centres.
Safe encryption
Definitiv is protected with 256-bit TLS encryption, the same high level of encryption used by banks to protect the privacy of your data.
24/7 monitoring
With the help of machine learning to flag abnormal activity, Definitiv is monitored 24/7 to identify any malicious or unauthorised behaviour.
Data at rest
Encrypting data at rest is an additional layer of protection, preventing unauthorised access to your data.
Independent databases
All data is kept separate at client level to safeguard the integrity of your data from contamination.
Unique URL
Each of our customers are provided with individual URLs. The unique URL ensures no other customer has access to your company’s login page.
Australian hosted
Keeping your data safe and local, Defintiv stores all customer data securely within Australian data centres only.
Configurable security.
Single Sign-On (SSO)
Enabling your IT to maintain centralised control over credentials and authorisation, Definitiv can be linked to your organisation’s Active Directory Federation Services (ADFS).
Configurable user access
True to our word, even user access levels can be configured to individual tasks. Enabling you to have effective segregation of duties, you can create as many user authorisation levels as you need. If you have multiple entities, a user’s access can even be tailored differently to each entity.
Two-factor authentication
An additional layer of security, two-factor authentication helps to prevent an unauthorised person from being able to log in to your people’s accounts.
Custom password policy
From minimum length to specific character requirements, you can determine the complexity of your company’s password.
Independently accredited.
Penetration testing
The Definitiv web and mobile apps are independently penetration tested annually or earlier if any changes could potentially impact security.
SOC 2 audits
Definitiv undertakes annual SOC 2 audits to provide your business and auditors with assurance of our internal security practices.
IRAP assessments
Definitiv closely aligns with the Australian Government's Information Security Manual and undertakes biennial IRAP assessments to verify our processes and systems.
Reliable business continuity.
Multiple availability zones
Definitiv has multi AZ (availability zones) within AWS to provide high availability and minimise disruptions for our customers
Point of restore
Definitiv provides point of restore for up to 35 days so there is little risk of losing any current and live data.
Daily and monthly back ups
As an added layer of protection, Definitiv takes daily and monthly backups. For record keeping purposes, monthly backups are retained indefinitely.
Key KPIs.

Uptime percentage

Recovery point objective (RPO)

Recovery time objective (RTO)
App level security.
All Definitiv apps follow the same security protocol as the Definitiv web platform, with the additional ability to adopt device security-enabled features, i.e. Face ID. Enhancing security over access to the app, it also provides greater convenience and familiarity to your people.
