Security and Dado
Dado takes the privacy and security of the data you share and the accounts you connect very seriously. This article outlines the basics of how we ensure the security of our systems; and shares some tips on how you can contribute to keeping your data and accounts secure. If you would like any more details, we'll be happy to share – just contact help@dadohr.com.
How Dado secures your data and systems
Dado has a number of processes and practices to make sure our software is secure and your data stays private.
Dado is both SOC2 and GDPR compliant. Our annual SOC2 audits check both that our processes and practices are sufficient to ensure security, and that we're diligently adhering to them. Email help@dadohr.com to request a confidential copy of our latest SOC2 audit report.
Our security processes and practices include:
- Building our software with security as a priority
- our system architecture is designed to reduce the vulnerable points where attacks could be targeted
- we regularly scan our software for vulnerabilities and rapidly fix any found
- our developers are trained in how to write secure code, and all code changes are reviewed for security before they're released
- we encrypt data where it's stored and in transit, and back up our databases regularly
- we run annual penetration tests to ensure there are no ways our systems could be penetrated by hackers
- we monitor a range of aspects of our system performance and activity, so we can identify any suspicious activity
- Running our business with security as a priority
- all team members are trained in security practices and must sign confidentiality and security agreements before they start work
- any team members with access to customer data or who can release to production undergo a background check
- we require all team members' laptops to have malware protection, encryption, passwords and other security settings
- we restrict access to systems (especially those containing sensitive or confidential data) to only those who truly need it, and store passwords and encryption keys securely
- we carefully vet any suppliers or tools we use to ensure they have strong security practices
How you can maintain security and privacy
In addition to the ways that Dado protects you, there are a few practices you can use to safeguard security.
- Restrict what data you sync to Dado from your HRIS
- Rather than syncing everything, sync only the fields you'll need for your Experiences
- Include the data you'd need to control who enrolls in Experiences; the data needed to personalize those Experiences; and data about Supporting Actors (eg managers and buddies)
- Use the Permissions feature to limit access within your organization
- You can give your colleagues full access to all Dado's features and data, or limit them so they can only see and/or edit particular Experiences
- Find out more in our help article here