Pro5 Trust Center
Welcome to the Pro5 Trust Center.
Our commitment to data privacy and security is embedded in every part of our business. Use this page to learn about our security posture and request full access to our security documentation.
Product Security
Application
Pro5 runs on highly secure, scalable infrastructure on the cloud. Security is a key feature of our technology stack, from the infrastructure up to the application.
Our proprietary software goes through regular security assessments & config audits.
Our proprietary software goes through regular security assessments & config audits.
Pen Testing
Our infrastructure undergoes regular penetration testing to ensure that potential vulnerabilities are identified and addressed swiftly.
Please reach out to us for access to our latest Pen Test report.
Please reach out to us for access to our latest Pen Test report.
Security Reviews
An external team of security experts perform regular security audits to ensure our users' data remains protected and in compliance with industry standards.
Our comprehensive audit logging across the stack allows for full transparency into all activities on the platform. Please reach out to us for access to our latest Security reports.
Our comprehensive audit logging across the stack allows for full transparency into all activities on the platform. Please reach out to us for access to our latest Security reports.
Audit Logging
The Pro5 Platform offers comprehensive Audit Trails for events and changes that take place across the different layers of the Tech Stack. This allows us to validate all user and system activities, and trace back all changes made within the application.
The Audit Trail includes a detailed description of the action, resource affected, and a timestamp.
The Audit Trail includes a detailed description of the action, resource affected, and a timestamp.
Role-Based Access Control
RBAC has been implemented throughout the Pro5 platform, including custom roles which can be used to control permissions for Users, User Groups, or Service Accounts.
Please reach out to us for access to our Roles and Permissions Matrix.
Please reach out to us for access to our Roles and Permissions Matrix.
Infrastructure
The Pro5 platform is hosted on a dedicated server environment, providing enhanced security, performance, and control compared to shared hosting.
Our dedicated infrastructure isolates your data and workloads from other environments, ensuring heightened privacy and reduced security risks. Our infrastructure is designed with RAS (Reliability, Availability, Scalability) as a key focus of the platform. This setup ensures that the Pro5 platform remains resilient with minimal downtime, even under high load or during routine maintenance.
Please reach out to us for access to our BCDR (Business Continuity & Disaster Recovery) plan.
Our dedicated infrastructure isolates your data and workloads from other environments, ensuring heightened privacy and reduced security risks. Our infrastructure is designed with RAS (Reliability, Availability, Scalability) as a key focus of the platform. This setup ensures that the Pro5 platform remains resilient with minimal downtime, even under high load or during routine maintenance.
Please reach out to us for access to our BCDR (Business Continuity & Disaster Recovery) plan.
Integrations
The Pro5 platform integrates only with highly reputable 3rd party repositories and providers. We call connections to cloud platforms "Cloud Providers" and connections to other platforms "Connectors".
Please reach out to us for a full list of Connectors.
Please reach out to us for a full list of Connectors.
Product Development
Our Secure Software Development Life Cycle (SSDLC) integrates security practices into each stage of the development process, including the requirements, design, implementation, and testing.
Please reach out to us for an overview of our SDLC process.
Please reach out to us for an overview of our SDLC process.
Version Control
Our platform integrates version control systems within the application, providing a clear audit trail of changes and updates to ensure transparency and traceability during the development lifecycle.
Changes
Our secure Change Management process ensures that changes occur in a controlled and secure manner, from definitions to execution. The process is continuously monitored and improved, and stakeholders are educated about the importance of security in the change management process.
Please reach out to us for an overview of our Change Management process.
Please reach out to us for an overview of our Change Management process.
Incidents
We have clear Security Incident plan in place for identifying, assessing, and responding to incidents. After every incident, we document key takeaways and learnings to help improve the process and prevent similar incidents in the future.
Please reach out to us for an overview of our Incident Management process.
Please reach out to us for an overview of our Incident Management process.
Data Security
Personal Data Protection Act Compliance
The Personal Data Protection Act (PDPA) provides a baseline standard of protection for personal data in Singapore. Pro5 applies controls on our infrastructure, application and data policies to ensure compliance with the PDPA requirements.
For information regarding the deletion of personal data please see Data Privacy.
For information regarding the deletion of personal data please see Data Privacy.
Classification
We take our users’ data seriously. Our data classification ensures that data remains within defined trust boundaries.
In the event of a data breach, no user data will be impacted.
Please reach out to us for access to our Data Classification policy.
In the event of a data breach, no user data will be impacted.
Please reach out to us for access to our Data Classification policy.
Backups
We perform point-in-time backups of critical systems and data stored in our environment, taking snapshots of every change, and allowing us to restore to an exact point in time in case something goes wrong.
Backups are encrypted, and access to data stores is restricted by the principle of least privilege.
Backups are encrypted, and access to data stores is restricted by the principle of least privilege.
Data Erasure
User data is deleted automatically after a user's account is marked as expired.
For information regarding the deletion of personal data please see Data Privacy.
For information regarding the deletion of personal data please see Data Privacy.
Encryption-at-rest
Data stored in the Pro5 Platform is safeguarded using state-of-the-art encryption, applying AES-256 encryption algorithm (or stronger).
This ensures that the data is protected against unauthorized access, providing a high level of security and privacy for users and their information. It also helps in maintaining the integrity of the data, even in the event of a potential security breach.
This ensures that the data is protected against unauthorized access, providing a high level of security and privacy for users and their information. It also helps in maintaining the integrity of the data, even in the event of a potential security breach.
Encryption-in-transit
Data submitted to Pro5 is encrypted with TLS 1.2 (or stronger) over the public internet.
This ensures that the data transmission between the user and the Pro5 platform is secure, reducing the risk of data interception or manipulation by unauthorized parties.
This ensures that the data transmission between the user and the Pro5 platform is secure, reducing the risk of data interception or manipulation by unauthorized parties.
Network Security
Email Security
The Pro5 domain utilizes DMARC, DKIM and SPF to reduce the risk of email spoofing attacks.
Firewall
Pro5 utilizes the native firewall capabilities of our cloud service providers to protect our infrastructure, as well as a customized WAF (Web Application Firewall) through Cloudflare, with enhanced firewall configurations.
DDoS Protection
Pro5 secures its platform using Cloudflare, ensuring advanced DDoS (Distributed Denial of Service) protection, safeguarding the platform against attacks designed to disrupt service availability.
Virtual Private Cloud
Pro5 uses VPCs within our cloud infrastructure.
Wireless Security
Office wireless networks are secured using strong encryption and segregated from the production network.
Corporate Security
SSO
Pro5's corporate SSO (Single Sign-On) provides strong authentication and authorization for access to internal systems. Role-based access is granted using the principle of least privilege and permissions are reviewed regularly.
Logging
Important activities in our cloud infrastructure are logged and retained appropriately to assist us with investigations in the event of an incident.
Password Security
Employees are required to set strong passwords, use 2FA, and use a secure password manager to store company credentials.
Fairness
No Human Bias
Our processes exclude human subjectivity and unconscious bias through automation, standardization, and anonymization.
This ultimately leads to significantly fairer decision making than traditional manual methods
This ultimately leads to significantly fairer decision making than traditional manual methods
No AI Bias
At Pro5, our AI is continuously trained and tested with extensive unbiased data, unbiased classification, unbiased samples, unbiased labels, and algorithms that are refined whenever biases are detected.
We explicitly exclude information such as gender, age, race, marital status, socioeconomic status, and other potentially bias-inducing factors from our assessments.
Traditional methods often rely on CV keyword filtering, which offers limited understanding of the context and can be easily manipulated. In contrast, Pro5 ensures fairness by objectively focusing on the candidates’ real-world capabilities.
Moreover, we always have a human in the middle of the process to ensure that our AI’s decisions are validated, providing an additional layer of fairness and accuracy.
We explicitly exclude information such as gender, age, race, marital status, socioeconomic status, and other potentially bias-inducing factors from our assessments.
Traditional methods often rely on CV keyword filtering, which offers limited understanding of the context and can be easily manipulated. In contrast, Pro5 ensures fairness by objectively focusing on the candidates’ real-world capabilities.
Moreover, we always have a human in the middle of the process to ensure that our AI’s decisions are validated, providing an additional layer of fairness and accuracy.
