The app holds sensitive data: payslips, org chart, workflow access. Illizeo layers multiple security mechanisms (encryption, biometrics, MDM, kill-switch) to protect this information even if the device is lost or stolen.
Security layers #
| Layer | Function |
|---|---|
| Local encryption | AES-256 on stored data |
| Biometrics | Face ID, fingerprint, pattern on every unlock |
| Secondary PIN | 4-8 digits for sensitive actions |
| MDM (Mobile Device Management) | Intune, Jamf, Workspace ONE compatible |
| HR kill-switch | Remote device revocation |
| Root/jailbreak detection | Denies access on compromised device |
Procedure in case of loss or theft #
-
Notify IT immediately #
Email or call your IT team. The faster the notification, the smaller the risk.
-
IT revokes access #
From the Illizeo admin panel: Security → Devices → select device → Revoke. The session is killed instantly.
-
Wipe remotely (if MDM) #
If the phone is on MDM, IT can wipe the app and its data via MDM.
-
Review access logs #
The log lists recent connections, IPs, geolocations. Spot any suspicious activity.
-
Reactivate on new phone #
Download the app, re-authenticate. Data comes back from the cloud, history is intact.
FAQ #
What if the employee refuses biometrics?
No legal obligation. Password + PIN is enough.
Can HR read my data via the kill-switch?
No. It cuts access, doesn’t extract data. Only Illizeo admins can access under GDPR.
How long before wipe?
Immediate with MDM. Without MDM, wipe is local on next online boot.
What if the phone is offline and lost?
Without MDM or connection, data stays encrypted. Without biometrics or password, it’s inaccessible.
