Security

Security - Portal

We know security of your data is crucial, and we treat the security of any information you add on your Portal account as a top priority. Every aspect of this Portal is designed to be secure at all levels, to only allow access to the registered users on your account. We are completely committed to all aspects of security, and work to make our hosted service as secure as having a server behind your own firewall.

Application and Data Security

Users can access their Portal accounts only with a valid username and password. Login information is encrypted between the server and the browser when logging in, and with SSL turned on, all transmissions are encrypted. We use Layered Encryption in transfer with high-grade TLS and multi-layered encryption at rest with 256-bit AES. Encryption keys are securely stored in separate locations.

The application architecture follows all best practices to ensure users only have access to information to which they are given permission. A security model is enforced at every level of the application to prevent a user of another account from accessing your information.

Server Security and Data Backups

The servers are hosted by a managed service which has 24-hour physical security and highly-controlled server access, as well as redundant power and network systems. The servers have firewall protection and intrusion detection systems, and have a minimal number of access points.

We follow all best practices in server security and maintenance to ensure no outside intruders gain access.

Comprehensive Reporting, Logging, and Audit Trails

Track account activity, file access, settings changes and nearly everything else that occurs in CountingWorks Pro. Track usernames, email and IP addresses. See timestamps for every action through the CountingWorks Pro Marketing Cloud dashboard.

Control Access, Authentication and Authorization

We utilize strong password strength requirements, and auto lock out after three failed login attempts. Control employee access to confidential files with multi-level access options.

We maintain physical, electronic and procedural safeguards that comply with applicable law and federal standards.