Bank Feed Security
Saasu has an internal development model nicknamed RISC. Redundancy, Integrity, Security and Capacity are the cornerstones of our development approach. Our investors come from investment and transactional banking backgrounds so we know that to achieve bank level security we have to partner with only the most trusted companies who's main role is to provide bank data to the financial sector.
We have third party security consultants who review our application. They have security programmes written specifically to test weaknesses in web applications like our own. They have experience dealing with other software companies in the accounting space, not just our own, they are also very familiar with data feeds, bank data formats, the security required for e-commerce, credit card processing and PCI compliance measures.
Internally we have many of these skills but security is all about layers of knowledge to ensure quality assurance levels are strong at all levels of the application. At the end of the day Saasu's investors and customers need to be comfortable that the risk is very low as our business depends on it more than any other factor.
Our data provider, Yodlee, employs leading-edge technologies, ISO standards, and business practices to protect your data. They have multiple patents granted or filed on various aspects of their technology including security infrastructure and data acquisition framework.
Saasu Online Accounting security measures
|Digital Certificates||Saasu and Yodlee both use Thawte certificates for our services. Click on the lock icon in your browser reveals more information about your security.|
|Data and Password Encryption||Password and account data are stored and transmitted in encrypted format at all times. All data is securely housed in an Internet server hosting space that provides enhanced physical security, fire protection and electronic shielding.|
|Network Intrusion Detection Systems||Network-based IDS (intrusion detection system) provides 24x7 network monitoring and alerts security personnel to any external attacks on the network.|
|Physical Security Measures||Saasu online accounting retains a highly secure server stack in Australia and Hong Kong where security personnel monitor our systems 7 days a week, 24 hours a day. Access to servers requires multiple levels of authentication.|
|Security Audits and Inspections||The security infrastructure is regularly audited and inspected by our own system administrators and a third party company who's speciality is security and data integrations.|
How do you protect my account passwords and user IDs?
Your personal information is entered through Secure Socket Layer (SSL), which creates an encrypted connection between your browser and our servers. This information is kept encrypted at all times.
Who has access to my Bank Account information?
You and only you know your password. No one can access your account unless you provide him or her with access via the Manage Subscription Screen. Even you can't access you password as we don't store this information in the Saasu Online Accounting application. No Saasu employees have access to your password.
How is my account information protected during transmission?
The transmission of data is protected using industry recognized encryption standards, such as 128-bit. Users' passwords are transmitted and stored in encrypted format at all times.
Where is my account information stored?
Your information is stored on servers, which are securely housed in an Internet server hosting space that provides enhanced physical security, fire protection and electronic shielding. Security personnel monitor the system 24 hours a day, 7 days a week. Access to servers requires multiple levels of authentication.
How is my account information protected from "Hackers" or outside intrusion?
Network-based intrusion detection systems (IDS) provide 24x7 network monitoring and alerts us to any external attempts to access the network. In addition, multiple layers of firewalls are used to guard against unauthorized access to the network.
What happens to my account information if I unsubscribe from the service or just stop using it?
Once your request has been received, your information will be securely and permanently deleted from our database OR your account will be automatically deleted from the database after six months of dormancy.
How frequently do you evaluate your security systems?
The security infrastructure is reviewed at each major release or on a semi-annual basis.
Is my data secure during a "service outage" or "scheduled maintenance"?
In the unlikely event that the service is temporarily unavailable, your account information remains secure in our Internet server hosting space, which is protected by stringent Network-based and physical security measures. Your data is replicated between Australia and Hong Kong on an ongoing basis.
Is my personal identity protected?