Why Securing Our Customers’ Data Matters and Why We’re The Best At It
by Pete Goettner
Co-Founder & Chief Product Officer, Crosschq
April, 29, 2021
Keeping customer and user data secure has been a top priority at Crosschq since our inception. While it’s an expensive and time consuming process for a relatively early-stage software company, it is a non-negotiable requirement for our customers at Crosschq that include online banks, healthcare providers, and some of the world’s largest SaaS companies. In fact, Crosschq is rapidly becoming the software that Unicorn companies turn to for their HR and recruiting needs.
And one of the reasons why people select us is because our product includes security features that are among the best available in the HR tech space.
Crosschq provides Single Sign-On (SSO) / SAML 2.0 support as a base-level feature in our software platform. SSO allows companies to have one system of record where employee account access can be managed centrally for all software applications. With SSO, employees that are terminated or leave a company can have access removed from all applications with the click of a button.
Crosschq’s Product Security Features
Our products help our customers collect and compile data that is used to assess job applicants during the recruiting process. The reports that our customers create on job candidates are highly sensitive and often contain Personally Identifiable Information (PII). Sharing these reports via non-secure technologies (like PDFs) can lead to serious leaks of PII. Given this risk, most of our customers use built-in product features like Secure Report Sharing to limit report access to specific hiring managers, recruiters, and company employees.
What’s more, we’ve invested heavily in becoming SOC- 2, Type-2 certified.
The SOC 2, Type 2 Audit
A SOC 2 Type 2 audit is an internal controls report capturing how a company safeguards customer data and how well those controls are operating. This external audit is conducted and issued by an independent third party and covers the principles of Security, Confidentiality, and Privacy. At Crosschq we work with Armanino LLP, a leading audit firm, to ensure that we have all necessary security policies in place and that we’re following them to the letter. Historically we’ve passed our annual SOC2 audit with flying colors. Customers can view our most recent audit report by request, but it requires that we put a non-disclosure agreement in place.
GDPR and CCPA
Because of the security measures described above, we are comfortable incorporating the EU’s Standard Contractual Clauses related to GDPR in contracts for customers that process data on EU citizens. We are also comfortable including CCPA assurances in contracts for customers that process data on people in California. Note that we never share PII/user/customer information with third-parties for marketing reasons.
Crosschq prioritizes trust and transparency, minimizes bias, and protects privacy at every step within our product. The company serves a growing roster of innovative customers including Eventbrite, Dialpad, Nerd Wallet, and Upwork, and partners with leading talent technology platforms such as Workday, Greenhouse, and Lever.
See if Crosschq is the perfect solution for your company to source smarter, hire faster, and retain talent longer. Schedule a time to talk 1-on-1 with a team expert here.