PayBun is built on Microsoft Azure with layered defenses, encryption everywhere and isolated customer data — engineered to keep you secure, available and compliant with Malaysia's PDPA.
PayBun runs on a secure, high-availability Azure architecture split across two availability zones, with traffic tiered through an Application Gateway, hardened application servers and a private data tier. Administrative access is brokered only through Azure Bastion.
All user traffic reaches PayBun over HTTPS, terminating at a Web Application Firewall — the only public door to the platform.
The firewall shields hardened, non-internet-facing application servers from OWASP threats — SQL injection, cross-site scripting and intrusion attempts — and alerts administrators on suspicious activity.
The authentication database holds no customer data — it only locates your dedicated instance, kept separate from the application tier.
Connection properties to your data are encrypted and can be decrypted only by the application server — never exposed to the client or stored in plain text.
Each role uses a distinct, restricted account. Support and project staff get individual, audited accounts, reachable only through Azure Bastion or a jump host.
Azure Defender scans for suspicious activity around the clock and produces monthly analysis of consumption, faults, performance and error logs.
HTTPS for all traffic, with encrypted connection strings throughout — connection properties can be decrypted only by the application server.
Your data lives in its own dedicated instance and database — kept entirely separate from authentication and from other customers.
The authentication database stores no personal or payroll data — only the keys needed to route a request to your encrypted instance.
Whitelist your trusted networks: internal users on safe IPs get full access while external sessions are limited to a restricted set of functions.
Individual, named accounts for every administrator and support action mean each access to your data is attributable and reviewable.
Azure Defender continuously inspects activity and reports anomalies, so threats are surfaced early rather than discovered late.
PayBun's architecture and processes are built to support the seven principles of the PDPA 2010 for the personal data you entrust to us.
Layered defenses, encryption and least-privilege access protect personal data against loss, misuse and unauthorized access.
Defined backup and retention schedules — data is kept only as long as needed, then handled per your retention policy.
Isolated databases, point-in-time restore and audit trails keep records accurate, complete and recoverable.
Role-based, self-service access lets data subjects and administrators view and correct the data they're entitled to.
Clear handling of what data is collected and how it's used, supporting your obligations to employees and applicants.
Personal data is processed only for agreed HR and payroll purposes — never disclosed beyond what you authorize.
PayBun Sdn Bhd's Information Security Management System is certified by InterCert to ISO/IEC 27001:2022 — covering the infrastructure, applications and systems that deliver our services, and how we hold and manage customer and business data.
Certified by InterCert. Scope covers HR, Engineering & Product Management, Customer Support, Sales & Marketing and Finance.
PayBun also runs entirely on Microsoft Azure, whose data centres carry their own independent global security certifications.
Every tier is redundant and continuously backed up. If a component or a whole zone fails, PayBun keeps running — and your data can be restored to any point in the recent past.