Why bottom-up architecture is the future of WFM solutions
This article explores 5 common drawbacks of legacy tools and how next-generation, bottom-up architecture unlocks revenue growth.
Building a staff schedule couldn’t be easier.
Reduce payroll errors with real-time T&A.
Fill 50% more shifts with your own employees.
Ensure shifts are covered even if you're understaffed.
Manage absence requests and approvals.
Practical ways to boost team morale with proven examples from across the sector.
Find out what care employees say matters to them most at work.
Search and view employees with customised permission levels.
Key employment information all in one place.
Store visas, professional certifications and more with easy access.
Control personal and operational details of your staff.
Why are people leaving Social Care, and where are they going?
We asked 250 Social Care leaders about their attitudes towards digitisation and their plans for the next 12 months...
Why are Hospitality workers leaving the industry, and what can you do to retain them?
Share updates with a single click.
Staff can see relevant messages in one place.
Request post-shift feedback from staff.
Recognise staff contributions by sending them praise.
Identify staff at risk of churning.
How care organisations can embrace flexible working and thrive.
Maintain quality of care and reduce costs.
Maximise profitability through AI-powered forecasting & scheduling.
Elevate your operational efficiency and guest satisfaction.
Streamline operations across sites.
Developed alongside Social Care experts with decades of combined experience.
See why we are the leading user-friendly, end-to-end platform that prioritises both efficiency and wellbeing.
The Sona Partner Network is an ecosystem of solution experts and complementary technologies.
Give staff greater visibility of shifts available to work, with a simple "shift claim" process to increase their income.
Improve employee engagement and retention with a seamless employee communication platform.
Happier staff provide greater customer experiences, which in turn drives return rates, revenues and recommendations.
Give staff greater visibility of shifts available to work, with a simple "shift claim" process to increase their income.
Improve employee engagement and retention with a seamless employee communication platform.
Happier staff provide greater customer experiences, which in turn drives return rates, revenues and recommendations.
Meet the Sona team online with our webinar series or in-person at an event near you.
Downloadable templates, reports and guides from Sona.
New research, insights, and strategies for frontline leaders.
Stay up to date with the latest Sona news and research.
Learn how our customers are transforming their people operations.
| 7 min read
This article explores 5 common drawbacks of legacy tools and how next-generation, bottom-up architecture unlocks revenue growth.
| 9 min read
This essential guide explains the evolution of WFM and why AI-driven technologies will influence the way organisations are run in the long-term.
| 6 min read
We’re excited to announce that Sona has raised £22m to help large organisations move from legacy systems to a truly intelligent AI-driven WFM solution.
PUBLISHED: August 2024
What motivates the next generation of Care professionals to stay in the sector?
PUBLISHED: August 2024
Find out if your tech supports your business goals!
PUBLISHED: August 2024
How to invest in management solutions that pay for themselves
All connections to Sona are over https using a minimum of TLS v1.2. All data is stored in our Google Cloud Postgres Databases using GCP's encryption at rest at a minimum of AES256 bit.
Sona is hosted in Google Cloud Platform. Please see this link for details of their security.
Governance is managed by the Information Security Working Group that meets regularly to discuss opportunities to improve our information security posture. The ISWG is chaired and coordinated by our contracted Information Security Officer who is a qualified ISO 27001 lead auditor and GDPR practitioner.
Additionally, Sona is working with a global leader in security compliance automation in order to progress our ISO27001 implementation and accreditation.
At the company level we have an access control process that operates on the principle of least privilege and subject to regular reviews (frequency depends on the criticality of individual systems). Employees are prohibited from sharing credentials and all passwords are stored in our company password management solution. Wherever possible, we have reporting enabled in our cloud services to alert users where there are login attempts that are suspicious along with features such as automatic locking where possible. MFA is in place for all critical systems such as infrastructure interfaces. All of the above technical controls and training have been verified as compliant with Cyber Essentials, of which Sona are accredited as of 21 August 2023.
Within the app - Access to app features and data within is tied to a permissions matrix that is referenced by user roles. Each user is assigned to a role that has specific permissions in line with the role and prevents users from accessing features or data that they are not entitled to review. Users are authenticated to access the app by entering a token that is sent as a challenge to a validated telephone number. The token expires after 10 minutes. All users have unique username and password credentials, alternatively we can provide an SSO solution. This method of authorised telephone number verification and use of One Time Password; (throttling) is verified as a key mechanism which protects against the risk of brute-force attacks per the NCSC's Cyber Essentials scheme guidance.
All in flight data to the App is encrypted over http using a minimum of TLS v1.2. All data stored locally is encrypted using the local device's native encryption mechanism. All Android and iOS versions supported by the app use the AES 256 algorithm to encrypt the device’s file system. The app requests a time-sensitive authentication token upon login which is used to authenticate all subsequent requests. The authentication token is stripped from the response and stored in the encrypted file system of the local device and never cached in memory.
We have uptime of 99.9% or higher.