Security you can count on.

How we protect our customers.

We encrypt our customers' data — from login to logout — using the highest encryption standards available, including 256-bit SSL encryption. That’s the same technology banks use to keep your account information safe.

Zenefits Security
Industry standard security.
State-of-the-art encryption technology
Your data is transferred with high-grade TLS and multi-layered encryption at rest with AES-128 — the industry-standard for commercial applications. Encryption keys are stored separately from the data, and it’s all hosted in our off-site, secure cloud infrastructure.
Data center security
Our server hosting locations are physically secured, staffed 24 hours a day, 7 days a week, 365 days a year by trained security guards who’ve undergone a thorough auditing process.
Two-factor authentication
Access to sensitive data requires two-factor authentication and is restricted only to authorized personnel performing specific tasks for the client (e.g. customer service).
Continuous monitoring.
In-house monitoring
Every day, our in-house security team reviews every security aspect of Zenefits.
3rd party testing
Our site and API are subjected to independent, ongoing penetration testing, security scans, threat detection and greybox assessment by well-respected cyber security firms including Synack, IncludeSecurity, and Qualys.
Real-time audit log
We also keep a real-time audit log of all data access and changes made by administrators, customers, employees and our automated system.
Zenefits Security
Zenefits Security
High availability infrastructure.
Redundancy
Our system spans numerous physical locations, with N+1 or greater redundancy to establish resilience for all components.
Recoverability
We store backups in multiple secure locations and update them throughout the day, every day.
Uptime
Our technology ensures high availability of your information: 99.9% uptime (with security in mind).