All data sent to and from the Microkeeper servers is done via a 256-bit SSL encrypted connection.
Some values are encrypted at rest and some values are not, for example TFN are encrypted.
Microkeeper does not encrypt all fields, this is because it can hinder database performance and slow down search queries.
Microkeeper integrates to many third party software providers, these provides have access to different levels of data depending on what is required to achieve the desired outcome.
These providers do not have access by default, the accounts administration must trigger an action to these providers for the data to be forwarded.
Here is a list of third party software providers and the data they have access to:
|Software Provider||Access Level||Reason||Data Access|
|SuperChoice||High||Process Super||Name, DOB, TFN, Mobile, Super fund, Member number, Super contribution values|
|ATO||Very High||Submit Single Touch Payroll||Almost all fields|
|SMSBroadcast||Low||Send SMS||Name, Mobile|
|Apple||Low||Send Push Notifications||App to device token|
|Google Apps||Low||Send Push Notifications||App to device token|
|NAB Merchant facility||Medium||Make Credit Card Payments||Credit Card Details, Username|
|Xero||Medium||Send Invoice for Payroll||Accounts, Cost of wages, PAYG values, Super values|
An image of the fingerprint is not stored. The fingerprint is converted to a binary string.
Below is my fingerprint and how it looks as a binary string:
This string can not be converted back into a fingerprint and is only useful to the Microkeeper fingerprint interpreter.
Microkeeper is ISO 27001:2013 which is globally recognised as the premier information security management system (ISMS) standard.
Compliance is a requirement of SBR and thus permitted to submit STP data.
Verification of Microkeeper SBR compliance can be found on the Standard Business Reporting Product Register.
Microkeeper delivers best-in-class availability. Microkeeper use multiple redundancy technologies for our servers, networks, databases and data.
These ensure that if any component fails, Microkeeper will recover with little or no disruption to your service or loss of data.
Microkeeper uses different server hosting environments for different parts of the system stack.
All hosts are in Australia and highly critique by Microkeeper Engineering team.
All hosts have:
|Google Cloud Platform||https://cloud.google.com/|
Firewall upkeep and maintenance is the responsibility is our server hosts.
Please visit our hosts websites for more information about their data security policies.
AV is not required for the hosting environment this is because it's a locked down environments were new software vendors are rarely installed.
Inhouse all Support and Software Developer run Windows Defended, updates are fully automated.
Third party vendors are updated as new releases, where possible automated updates are implemented.
Where automated updates are not possible, manual installation is conducted.
Manual updates typically take between a few days to a couple of weeks depend on risk profile and difficulty of implementation.
Microkeeper has a "No Print Policy" thus no customer data is ever printed.
Data is kept for a minimum of 10 years in alignment with Australia Law.
If an account parts way, Microkeeper retains data.
Data is automatically deleted once the data is 10 years old via built in scripts.
An automated backup is taken during quiet times on a daily basis.
7 backups are kept for 7 days, Example:
An Annual backup is taken which is kept indefinitely.
Microkeeper requires the following for a strong password:
Account lockout is for 5 minutes after 5 attempts at a password.
After a maximum of 50 attempts the account is permanently locked and can be unlock by contact admin.
When storing passwords in the database, they are hashed using sha256 and proprietary double salting.