The security of your financial data is, of course, paramount. So when you contemplate moving your financial data into the cloud, you obviously must assure that your SaaS vendor has taken adequate steps to protect it. SaaS vendors such as Intacct understand this, and use their ability to leverage their extensive investment and expertise in security to benefit your company.
At the application level, Intacct builds in security measures such as controlling access with 3-part authentication, enforced password changes at specified intervals, strict session management, including automatic session and login timeouts. Also, Intacct allows you to carefully calibrate permissions and access to ensure each employee can access and use any part of the system that pertains to that employee’s job, but no other areas that don’t. You can also limit acceptable IP ranges for login, if you choose to.
At the platform level, Intacct has further security to prevent unauthorized programs, systems, and users from gaining access, or control, of key system processes and resources—and ultimately your data. Intacct is SAS 70 Type II audited (SSAE 16 audited in 2012) and PCI DSS certified, operates with tightly restricted physical access to production data including biometric access controls, hardened networks and firewalls, real-time activity log tracking, automated security scanning and third party white hat penetration testing, virus resistance reinforced through software architecture, and a minimum 128-bit encryption on all data transmission.
This question was taken directly from our white paper titled “13 Questions Nonprofit Organizations Need To Ask When Buying A New Accounting Solution.” To read the remaining 12 questions, please click here to get your copy of the white paper.