AMGtime WEB Solution

Employee Management Web Solution

  • Pay Period Types 5 Types: Weekly, Biweekly, Semimonthly, Four Weekly, Monthly
  • Overtime Levels Supports: 3 Levels
  • Overtime Calculation Modes 3 Types: Weekly/Biweekly, Daily, Consecutive
  • Types of Shifts (Schedules) 3 Types: Fixed, Flexible, Floater
  • Types of Wages 3 Types: Hourly, Salary, Calculated Salary
Unlimited Headquarters, Divisions, Groups, Departments, Jobs, Categories, Shifts, Pay Policies and Technical Support.

Maximum # of Employees:

Concurrent Users:

Main Features

 Auto DB Backup
 Auto Polling from Devices
 Auto Sending Reports by E-Mail
 Badge Backup/Restore
 Badge Management
 Badge Transfer
 Benefit Assignment
 Built-in Payroll Export
 Configuration Wizard
 Database Backup/Restore
 Database Purge
 Device Messages
 Device Polling
 Display Mispunches
 Employee Export to File
 Employee Import From File
 Global Transactions
 Miscellaneous Entries
 Manual Timecard Editing
 Network Version
 Optional Data migration
 PC Clock
 Remote Client
 Report Export
 Sending Reports by E-Mail
 Shift Differential
 Simple Rounding
 Status Board
 Support Request
 Wrong Transactions
 User Permissions


Security Assesment

On April 2017 software security firm Cigital, Inc. had performed assessment on to assess the overall security posture of the website from a black-box perspective. This includes determining the site's ability to resist common attack patterns and identifying vulnerable areas in the internal or external interfaces that may be exploited by a malicious user. While performing the assessment of, Cigital identified that security controls were effective in resisting common attack patterns like:

  • Authorization Attacks
  • SQL Injection

In addition several recommendation were made to improve overall security of the site and those were addressed accordingly.

Secure Certificate:

  • uses TLS 1.2 (a strong protocol)
  • ECDHE_RSA with P-384 (a strong key exchange)
  • Signature algorithm: SHA256withRSA
  • Issuer: Go Daddy Secure Certificate Authority - G2

User Authentication page Policy: user authentication pages are protected with Google's Captcha to block a password-guessing attack known as a brute force attack.

Password Policy: utilizes Google's Strong Password Policy with minimum length of 9 characters per password.

File Upload Policy: has a restricted file upload for known executable file types such as (Exe,Com,Js,Dll,Bat ....)

Cross-Site Request Forgery Policy:

On all form based request have a [Request Verification Token] that is generated by a custom made complex algorithm.


HTTP response header "X-Frame-Options" is used in HTTP header to ensure that the content is not embedded into other site. This indicates that web browser should not be allowed to render a page in a <frame>, <iframe> or <object>.


Cloud Based Secure Hosting: is hosted on Microsoft Azure cloud with Unified security management and advanced threat protection.

  • Azure continuously monitors the security of using hundreds of built-in security assessments and uses actionable security recommendations to remediate issues before they can be exploited.
  • Provides unified view of security across all premises and cloud workloads. Automatically discovers and on-boards new resources, and applies security policies across hybrid cloud workloads to ensure compliance with security standards. Collects, searches, and analyzes security data from a variety of sources, including firewalls and other partner solutions.
  • Enables adaptive threat protections to reduce exposure to attacks. Blocks malware and other unwanted code by applying application controls adapted to specific workloads and powered by machine learning. Enables just-in-time, controlled access to management ports to drastically reduce surface area exposed to brute force and other network attacks.
  • Uses advanced analytics and the Microsoft Intelligent Security Graph to get an edge over evolving cyber attacks. Leverages built-in behavioral analytics and machine learning to identify attacks and zero-day exploits. Monitors networks, machines, and cloud services for incoming attacks and post-breach activity. Streamlines investigation with interactive tools and contextual threat intelligence.


ACA Compliance (1094-C & 1095-C Reports)
Advanced Rounding
Annual Attendance Report
Bank Hours
Badge Repository
Bell Schedules
Benefit Accrual
Categories Report
Door Access Report
Employee Login
Job/Department Costing
Mandatory Paid Sick Leave
No Lunch, Short Lunch, Late Lunch
Nursing Hour Per Patient Day (NHPPD)
One Screen Easy Scheduling
Punch Analysis
Staffing Agency
Live Chat Software