Reliable and secure data in Alga HR and Profit-We personnel, payroll, book-keeping, financial accounting and management systems.

January 28, 2021

Global development of digital economy on the basis of information technologies also results in an extensive development of new business models, which strongly influence the Alga HR and Profit-Web personnel, payroll, book-keeping, financial accounting and management systems. Digitization affects all industries and businesses, communication between people and our daily lives. It is changing the very structure of economy, bringing down the barriers between industries and altering the foundations of competition.

Information gathered with the help of information technologies - intangible assets are gaining more and more importance, as well as influencing the profitability, success and internal work culture of organizations. These information assets are particularly significant in the accumulation and processing of data via the personnel, payroll, book-keeping, financial accounting and management systems.

   In order for the used information technologies to be able to fulfil their mission in the digital economy, the created and stored information - the company's assets - must be safe and reliable, and their access and presentation to the user must be easy to manage, flexible, and must create benefits for the organization when using the personnel, payroll, book-keeping, financial accounting and management systems.

 Information and information systems have become a strategic asset that must be protected, just like any other property that is important for the operation of the company or institution. GDPR places particularly high demands on the data of the said personnel, payroll, book-keeping, financial accounting and management systems.

When developing our company's Information Security Management System, as well as developing and supporting our software products, we follow the requirements of the Information Security Standard IEC 27002, which provides best practice recommendations for information security management, the requirements of Lithuanian Standard LST EN ISO/IEC 17799 and the practice of our specialists.

Confidentiality, integrity and availability are the three key characteristics on which particular emphasis is placed during the development of Profit-Web and Alga HR personnel, payroll, book-keeping, financial accounting and management systems.

  The benefits of information security management solutions implemented in our personnel, payroll, book-keeping, financial accounting and management system:

  • Reduced risk of business management activities;
  • Reduced risk and proper management of business dependence on IT;
  • Users are given access to the Profit-Web or Alga HR personnel, payroll, book-keeping, financial accounting and management systems whenever necessary;
  • Confidential information stored in Profit-Web or Alga HR personnel, payroll, book-keeping, financial accounting and management systems is protected from unauthorized access or disclosure;
  • Information relevant to the organization is protected from intentional or unintentional alteration;
  • Reduced losses resulting from disruptions in IT work;
  • Selection of protection measures proportional to the potential threats and situations - optimal investments are made in information security.

Information stored in Profit-Web or Alga HR personnel, payroll, book-keeping, financial accounting and management systems is protected:

  • By controlling user access to the personnel, payroll, book-keeping, financial accounting and management systems;
  • By controlling access and attempts to reach separate functionalities and reports, separate records of accumulated information or reports, and restricted information fields of the personnel, payroll, book-keeping, financial accounting and business management systems;
  • By the audit function used in the system;

Information security functionality is flexibly adapted in the personnel, payroll, book-keeping, financial accounting and business management systems for the Internal Rules for Secure Electronic Information Processing approved by the Data Controller:

  • Each user of the Data Controller's personnel, payroll, book-keeping, financial accounting and business management information systems must be uniquely identified,
  • Testing of compliance with the OWASP Application Security Verification Standard is performed on a regular basis
  • Data Controller's password requirements for logging in to the personnel, payroll, book-keeping, financial accounting and business management information systems:
  • The password must consist of letters, numbers and special symbols (configurable);
  • Personnel, payroll, book-keeping, financial accounting and business management information system components that perform remote login authentication may prevent automatic saving of passwords (configurable); 
  • Maximum number of attempts to enter the correct password must be specified in the User Administration Rules approved by the Information System Manager, (configurable)
  • Passwords cannot be saved or transmitted in open text or encrypted with unreliable algorithms;
  • Additional requirements are set for the passwords of the user or administrator of the personnel, payroll, book-keeping, financial accounting and business management information systems (changing, composition of passwords, etc.)