Screening data, defended in depth
A background check holds some of the most sensitive data a person has. We secure it in layers: encrypted storage and transport, hardened infrastructure, continuous detection and strictly limited access. All of it is published, control by control, in our Trust Center.
Security in layers
Six layers, all backed by controls you can review in the Trust Center.
Encryption everywhere
Data is encrypted at rest, company devices use full disk encryption and our TLS configuration is independently rated A+ by Qualys SSL Labs.
Hardened infrastructure
Workloads run in a virtual private cloud behind firewalls and traffic filtering, with anti-DDoS protection and cloud workload protection on top.
Detection and response
Security information and event management, intrusion detection, endpoint detection and response and continuous logging keep watch around the clock.
Strict access control
Data access is restricted to who genuinely needs it, protected by multi-factor authentication, password policies and monitored access.
Built to recover
Data backups, business continuity and disaster recovery plans, with a recovery time objective of 24 to 48 hours.
Secure development
A secure development lifecycle with code analysis, secure development training and a responsible disclosure process for researchers.
Independent security grades
Verify these yourself, the links run a live external scan.
Risk profile
Security documentation
Key documents from our Trust Center portal. Public documents open directly; the rest are available on request.
Subprocessors
The latest version of our sub-processor list, kept up to date as our supply chain changes.
Open documentInternal Data Protection Policy
The Internal Dataprotection Policy sets out how PESCHECK processes the personal data that it holds (relating to clients, staff and third parties). It outlines PESCHECK's responsibilities under data protection legislation and regulation, setting out how it will comply, and provides instruction for staff handling personal data.
Request accessSecurity questions from your team?
Questionnaires, architecture questions or an under-NDA report, we are happy to support your security review.