NOVAtime Maintains Application Security Certification for the NOVAtime 4000 Workforce Management Solution

Share Article

Following a series of extensive external penetration tests, Plynt has certified the NOVAtime 4000 Time and Attendance / Workforce Management solution.

News Image

Plynt Application Security Certificate

The NOVAteam is again very pleased and proud to have achieved this important validation and milestone. This certification sets up apart - it represents a significant step forward in the quality of the solutions provided by NOVAtime.

NOVAtime Technology, Inc. ( is a forward-thinking workforce management solution development company that continues to apply the latest technology advancements to its suite of products and services. Today, NOVAtime announced that the NOVAtime 4000 Time and Attendance / Workforce Management solution has, once again, passed the rigorous penetration tests conducted by Plynt, a security testing and verification expert.

Plynt is the application security arm of Paladion, a Deloitte Technology Fast 5000 Asia company and a global leader in providing full service information security solutions. Attaining Plynt Certification indicates that NOVAtime 4000 Workforce Management solution takes adequate measures to guard against remote adversaries, while protecting against a wide range of threats. The NOVAtime 4000 application has demonstrated that it resists attacks and has integrated features that enhance its security.

The NOVAtime 4000 Workforce Management solution utilizes a multi-tiered, multi-tenant architecture, hosted at a SSAE 16 SOC1 Type II data center. NOVAtime earned two Plynt certificates: one for the NOVAtime 4000 Workforce Management Solution (including Employee Web Services, Supervisor Web Services and Administrator Web Services), and another for NOVAtime Enterprise Web Services (N.E.W.S.), a secured middleware service utilized by the NOVAtime 4000 application.

The Plynt Certification’s security protection criteria include the following:
1)    Safety against popular attacks;
2)    Defense against threat profile;
3)    Protection of sensitive data in transmission;
4)    Safeguarded passwords;
5)    Protection against password guessing;
6)    Secure “forgot password” implementation; and
7)    Insecure configuration settings on servers accessible directly by users..

The certification’s security requirements criteria state that:
1)    Safe sensitive data is not stored on client machines;
2)    Sensitive data is not hidden in pages;
3)    No sensitive data is revealed in error messages;
4)    Re-authentication is required for sensitive activities;
5)    No sensitive data is included in requests to external sites;
6)    Web server is protected against known vulnerabilities;
7)    No sample or test application is available to remote users; and
8)    No sensitive data is disclosed in any source code accessible to remote users.

The penetration tests target critical web applications, particularly those with sensitive data, including customer billing, personal information, banking, etc. This enables NOVAtime to meet the needs of top management enterprise customers, while the NOVAtime 4000 solution achieves compliance with regulations such as PCI, SOX, and HIPPA. The Plynt Certificates are evidence that NOVAtime’s solutions have passed globally recognized security checks, which have been applied by Plynt during the test.

“The NOVAteam is again very pleased and proud to have achieved this important validation and milestone. This certification sets up apart - it represents a significant step forward in the quality of the solutions provided by NOVAtime,” states Frank Su, president of NOVAtime. “NOVAtime has always been committed to software excellence, and passing Plynt’s security penetration tests is a reflection of that commitment.”

NOVAtime continues to develop its robust workforce management solution in order to provide the most secure application for its clients. NOVAtime’s Vice President of Research & Development, Gil Sidhom, explains that, “NOVAtime’s solutions have high development qualities and standards. Our customers can access the web-based NOVAtime 4000 SaaS system, NOVAtime 4000 self-hosted solution, and NOVAtime 4000 STARbox system with the confidence that the application has been tested by Plynt, a leader in the application security-penetration testing industry, and proven to be secure against potential intrusions.”

About Plynt:
Plynt is the security-testing division of Paladion, the full-service information security provider. Plynt provides comprehensive network and application security testing and certification to both mid-size and large global enterprises in North America, Europe, and Asia. Paladion manages technology and operational risks in a continuous and holistic manner. It is promoted by N.S. Raghavan, co-founder of Infosys Technologies Limited (INFY). With a global footprint across sixteen countries and by actively managing security for over 300 customers, Paladion is today’s fastest growing security services firm in Asia. The organization provides a unique technology platform and integrated services framework to actively monitor, reduce, and prevent risks on a 24/7 basis. Its managed security technology has won several awards and accolades globally, including the achievement of being ranked as Red Herring Top 100 Asia Finalists. For more information, visit or

About NOVAtime:
With corporate headquarters in Diamond Bar, California, NOVAtime continues to develop and provide the most advanced technology in its solutions. As a recognized technical leader in the Workforce Management industry, NOVAtime helps organizations, worldwide, automate and simplify their labor management processes. Over 10,000 organizations are utilizing NOVAtime Time & Attendance / Workforce Management solutions, with staff sizes ranging anywhere from under 100 to over 80,000 employees. The solutions offer various data collection methods, scheduling, labor allocation, leave and accrual management, reporting, and more. With flexible functionality and multiple methods of application delivery, including an on-premise licensed model, in addition to the hosted Software as a Service model, the NOVAtime 4000 solution is able to accommodate all types of businesses, regardless of size and complexity. For more information, please visit, email sales(at)novatime(dot)net, or call 877.486.6682.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Scott Rose
Visit website