Login
Get started

PROTECTION & SECURITY

Security at OnPay

Updated: February 20, 2025

At OnPay, security is the foundation of everything we do. We recognize that handling sensitive data is a profound responsibility, and as your trusted partner we go above and beyond the industry standards to ensure utmost protection for our clients.

Compliance Standards

  • Third-party Certification: OnPay holds third-party auditor certification with the AICPA’s SOC program and is SOC 2 Type II compliant. This reflects our dedication to protecting client data through rigorous internal controls and industry best practices.

Data Protection and Security

  • Encryption Standards: OnPay protects your data with industry-leading standards to ensure comprehensive security with end-to-end encryption.
  • Secure Data Storage: We take extensive measures to protect data stored on our servers, leveraging AWS’s secure infrastructure with both physical and technical controls.
  • Data Protection: OnPay maintains robust backup systems and contingency plans to ensure uninterrupted service.

Identity & Access Management

  • Multi-Factor Authentication (MFA): OnPay mandates multi-factor authentication for all internal systems and tools, ensuring that only authorized personnel can access sensitive data. For OnPay clients, we strongly encourage turning on MFA and creating strong, unique passwords.
  • Role-Based Access Control (RBAC): We enforce and regularly audit strict role-based access controls based on job roles and responsibilities, minimizing unnecessary data exposure.

Employee Training & Awareness

  • Continuous Security Training: OnPay conducts ongoing training programs for all employees to ensure they are well-informed about cybersecurity threats and best practices.
  • Phishing and Social Engineering Defense: We provide regular education to employees on recognizing and preventing social engineering tactics, helping our team stay vigilant against evolving threats.

Commitment to Innovation

  • Continuous Improvement: We are committed to continually assessing and implementing the latest tools, technologies, and best practices to ensure protection in the ever-evolving security landscape.
  • Partnership with Security Experts: OnPay collaborates with industry experts to continually evaluate, refine, and strengthen our security protocols in alignment with the latest security standards.

🔔 Want to report a security concern? Send us an email at security@onpay.com and our team will investigate promptly.

LET’S DO THIS

It’s easy
to get started

Try OnPay out yourself to see how easy payroll and HR can be. To get started, just share a few basic details about your business. Our team of pros will set everything up and import your employees’ information for you.

Get started

Serving Clients for Over 30 Years

Insurance offered through OnPay Insurance Agency, LLC (CA License #0L29422)

Terms and Conditions | Privacy | Cookie Policy | Manage Cookies | Sitemap

©2025 OnPay, LLC