Protecting You & Your Financial Data

Your financial data is very important to you and protecting it has been central to our business success for over 8 years.

Application Access

We use SSL (Secure Socket Layer) just like online banking services to encrypt the information passing between the browser and the server to stop any potential hackers from accessing your data in transit. Access is username/password protected. Password resets can only be processed after identification check or via a reset email delivered to the users email address. Once logged into the system, the user can only access information that they have permission to view. The Role based access system allows the file administrator complete control of access to your information.

Only a few admin level staff have the ability to access or reset your file access at anytime. When you compare this to thousand’s of personnel in banks having access to your bank account information. We employ various checks and techniques that ensure URL manipulation, session management and other security issues risks are reduced. Files can also be locked on request. When you compare this laptop theft or typical desktop software viruses we believe we are substantially safer than most on-premise software implementations.

More information about:

• our world class Data Storage & Network Operations
• protecting your data with Backups

Server Security

Firewalls are managed by security specialists and deployed in a private IP space, while servers and routers are segregated in a Virtual Local Area Network (VLAN). Network security features also include multi-level privileges, OS lock downs, centralised authentication and device change logs.

Security Patching is performed by constantly updating our security systems. This ensures optimum protection for our subscribers. Monitoring and addressing emerging threats, and quickly processing and applying new security patches is standard procedure.

The server manager is constantly engaged in threat analysis. They work on identifying and addressing security weaknesses in Web-oriented servers, applications and activities.

A security testing laboratory ensures all high level security devices are subjected to full security testing before they are deployed including the installation and configuration of the Operating System, the disabling of vulnerable or unneeded services, and advanced vulnerability tests.

Technical Security Personnel

Security specialists have earned Certified Information System Security Professional certifications (ISO/IEC 17024) and we have working relationships with other security response teams.

To ensure a fast response to a security event, qualified personnel are available 24×7x365.

Transactional and File level Security

Employee fraud comes in many forms and is difficult for any business to contain because many procedural factors are involved. Software and Web Access are just one aspect. Security has to be looked at holistically.

In theory employees can access trial or free version of most accounting products to produce fake documentation. They can also digitally modify existing documents like payslips or invoices. Online accounting applications have the benefit of real-time traceability of user activity while software may not.

Saasu can help generate some extra comfort through tracking user activity and making this information available to the Subscriber on request. For security reasons we don’t disclose what is available in the public domain. Please contact us for more information.

Saasu Roles allow you to control access levels of your users. The default settings for your initial subscription allow for full access to all areas. However you are in control of the access levels of each user and accordingly the access to areas such as Settings which include features like invoice/email templates and the locking of transactions around date ranges.

Security features include:

• User roles which disallow access to defined areas in Saasu. The Subscriber/Admin level has control of user roles. Go to MySaasu > Manage Subscription > click on each employee to control their Role (access level). You can create your own custom Roles in this area.
• Lockable transaction settings down to same day. Go to Settings > Transactions.
• Tracking of Users who created, modified and deleted a transaction.*
• User Signin Audit Trail report including IP address tracking. Go to Reports > Security > User Signin Audit Trail report
• Last modified information at the bottom of Sales and Purchase transactions amongst others.
• Email activity log files.*

* On application. Fees may apply.