With financial management often being a core system of record for businesses, ensuring the security of financial data is essential due diligence for any organisation . As a protector of the company’s funds, finance needs to weigh the rigour taken to protect this data. In this paper, we will consider questions regarding the practices and policies required for strong security and along the way, point out what Sage Intacct has put into place to protect the financial and operational data our customers have placed in our care.
As an early and consistent visionary in online financial management, Sage Intacct has kept a close eye on web security and how it’s progressed over the past two decades. One of the concerns early prospects expressed was the safety of their data. They had become used to on-premises computers and servers for
storing and accessing their data. The thought, in those early days, of using the internet to do their accounting felt like they were giving up control of a vital asset entrusted to their stewardship. Their fears of losing data or losing access to data were natural.
The truth was that even from the first release of Sage Intacct over 20 years ago, customer data has been safer in our hands than on the on-premises systems they had been using. As you’ll see in this paper, top-tier SaaS security measures, though constantly advancing, far outweigh the measures that most of our customers could individually afford to take. You’ll see how Sage Intacct customers enjoy financial data security and access that used to only be available to the largest enterprises.
The first question I’ll address is the question we used to hear from those very first customers: “Is my data safe?” Beyond answering that question, I’ll answer the common follow-up question: “How safe?” Answers to these questions, in concrete terms, support the trust that thousands of companies, including public companies, have placed in Sage Intacct and other SaaS providers.
Saying you can trust us is one thing, and proving it is another. You don’t have to take our word for it. I’ll explain exactly who is keeping tabs on security compliance and what they are tracking.
Once you know your data is safe, you’ll naturally want to know how easy it is to access. After all, data you can’t access doesn’t have nearly as much value as data at your fingertips. The second part of this paper answers key questions like, “Who owns my data?” And that is followed up with, “How can I access it and control access to it?” These questions should be part of every due diligence process, and as the service provider, Sage Intacct has an obligation to answer them.
Modern SaaS security needs to be covered from multiple angles: physical, network, application, and data. External audits and other third-party certifications ensure that a provider is making every possible effort to protect vital information in a highly secure environment.
A provider should be able to show relevant security-related policies and procedures, as well as updates to policies and procedures performed on at least a yearly basis.
Trained and certified people are a big part of the security equation. Requiring that all employees take periodic security training keeps a SaaS company’s entire staff aware of new threats and how to combat them. At Sage Intacct, we strive to promote a culture of security. This starts during orientation and continues throughout an employee’s tenure with email reminders, displays on posters and monitors, and mandatory ongoing training. This training includes:
• Acceptable use
• Social engineering
• Personnel security
• Data protection
• PCI
• HIPAA
• GDPR
• Incident response
Application developers and engineers are required to take additional application development-related security training to include the top 10 security risks outlined by the Open Web Application Security Project (OWASP Top 10).
Sage Intacct also employs dedicated, seasoned, and certified information security professionals (CISSP) who develop and drive its security program . The program encompasses both the physical and cyber security of Sage Intacct applications and infrastructure, as well as internal IT systems.
Read more by downloading the whitepaper below.
As an accredited and awarded Sage Intacct reseller, we view our clients’ success as our own and are dedicated to helping them find their way forward. Offering ongoing support, training, and resources ensures that our clients maximise the benefits of Sage Intacct and stay abreast of the ever-evolving business landscape.
Having implemented Sage Intacct for many businesses in ANZ across diverse industries, our experience spans areas such as Software and SaaS, Family Offices, Non-profit Organisations, Financial Services, NDIS and Human Services and many other industries.
Email us at Akuna Solutions for a free consultation and explore with a Sage Intacct implementation specialist how to leverage modern technology available today to future-proof your business operations.
Photo above by Liam Tucker on Unsplash