Cornerstone OnDemand | Our expertise

Disaster Recovery

Disaster recovery tests are performed twice per year at each disaster recovery data center. Our program ensures recovery within 24 hours of a major disaster with a Recovery Point Objective (RPO) of 1 hour or less. Seven days of hot backups are stored on the local SAN disk for immediate recovery.

Access Control & Physical Security

Our infrastructure is hosted in four secure data centers with two in North America and two in Europe. Every data center has 24-hour manned security, video surveillance, motion detectors, alarms and restricted access to select personnel with appropriate identification. Servers are stored in secured caged areas with biometric hand scanner access. Non-Cornerstone visitors must be escorted at all times.

Application Security

Our Unified Talent Management system is secured with 256-bit TLS, which encrypts all data in transit and ensures it is secure. Access to the Cornerstone application requires unique usernames and passwords and supports Single Sign-On (SSO), which requires clients to be authenticated. Rights and role-driven controls ensure users only see what they have been permitted to see.

Network Protection

A DMZ-protected production suite ensures infrastructure security through the use of firewalls, port filtering and network address translation via multiple load balancers. Internal firewalls segregate traffic between the application and database tiers. A third-party service provider monitors the network and sends alerts for any unusual usage and equipment failure.

Backup

Cornerstone takes AES-256 encrypted backups daily of full client databases before being written to tape. Hourly transactional backups are sent to separate hot disks, and backup tapes are collected weekly and transported in locked boxes to secure vaults.

Disaster Recovery

Disaster recovery tests are performed twice per year at each disaster recovery data center. Our program ensures recovery within 24 hours of a major disaster with a Recovery Point Objective (RPO) of 1 hour or less. Seven days of hot backups are stored on the local SAN disk for immediate recovery.

Access Control & Physical Security

Our infrastructure is hosted in four secure data centers with two in North America and two in Europe. Every data center has 24-hour manned security, video surveillance, motion detectors, alarms and restricted access to select personnel with appropriate identification. Servers are stored in secured caged areas with biometric hand scanner access. Non-Cornerstone visitors must be escorted at all times.

Application Security

Our Unified Talent Management system is secured with 256-bit TLS, which encrypts all data in transit and ensures it is secure. Access to the Cornerstone application requires unique usernames and passwords and supports Single Sign-On (SSO), which requires clients to be authenticated. Rights and role-driven controls ensure users only see what they have been permitted to see.

Network Protection

A DMZ-protected production suite ensures infrastructure security through the use of firewalls, port filtering and network address translation via multiple load balancers. Internal firewalls segregate traffic between the application and database tiers. A third-party service provider monitors the network and sends alerts for any unusual usage and equipment failure.

Backup

Cornerstone takes AES-256 encrypted backups daily of full client databases before being written to tape. Hourly transactional backups are sent to separate hot disks, and backup tapes are collected weekly and transported in locked boxes to secure vaults.

Disaster Recovery

Disaster recovery tests are performed twice per year at each disaster recovery data center. Our program ensures recovery within 24 hours of a major disaster with a Recovery Point Objective (RPO) of 1 hour or less. Seven days of hot backups are stored on the local SAN disk for immediate recovery.

Security

More than 37 million subscribers trust Cornerstone

Access Control & Physical Security