How Secure is my Nonprofit’s Financial Data? It’s a question that we are regularly asked. It’s a question that should be top of mind with every nonprofit.

Operational disruption, Viruses, ransomware, and old-fashioned theft are all possible if security practices and measures are not in place.

While the answer might be heavy in technical lingo, it’s an answer we’re happy to provide. The financial accounting system we deploy on your behalf is cloud-based Intacct and it offers levels of security that most nonprofits (and businesses for that matter) would not be able to afford on their own.

There are four levels of security when you outsource your accounting to Qbix because we use Intacct as the hub of your accounting system: Physical and network security; application security; system security; and data-level security.

Nonprofit Financial Data SecurityPhysical and Network Security – Nonprofit Financial Data Security

Just like a commercial jetliner has redundant engines, Intacct has redundant Fortune 100-class data centers: one in Santa Clara, California (operated by Century Link) and one in Sacramento, California (operated by Quality Technology Services. They are monitored 24-hours a day, 7 days a week, 365 days of the year and provide full data recovery within 24 hours in the event of major disaster. Data center features include: Multiple fiber trunks and mirrored RAID storage; standby servers and redundant network component; and redundant uninterruptable power supplies and parallel redundant generators.

Application Security – Nonprofit Financial Data Security

There are security features built into the Intacct application that serve to prevent outside attacks. Also built into the software are security measures that are provide the right people get the right level of access to your Intacct solution. Features include:

• Highly granular level of control over user access
• Option of requiring 2-step user verification every time a user signs on through an unrecognized device
• Enforced password changes and automatic session timeouts
• Option to set acceptable IP ranges from which users may log in

System Security – Nonprofit Financial Data Security

Intacct is designed to prevent unauthorized programs, systems, and users from getting access or control of system processes, resources, and data. Features developed to protect your nonprofit organization include:

• PCI DSS Level 1 certified
• Intacct is responsible for maintaining all applicable PCI DSS requirements to the extent Intacct handles, has access to, or otherwise stores, processes, or transmits customer’s cardholder data or sensitive authentication data, or manages customer’s cardholder data environment on behalf of a customer.
• Tightly restricted access to production data including biometric access controls
• Hardened networks and firewalls
• Real-time activity log tracking
• Automated security scanning and third party white hat penetration testing
• Virus resistance reinforced through software architecture
• Oracle database secured with advanced security
• Minimum 128-bit encryption for all data transmission

Data-level Security – Nonprofit Financial Data Security

Intacct is built on the highly reliable Oracle database infrastructure, helping to ensure you can access information at any time of day, every day of the year. Data-security measures include: Full daily backups to multiple locations; continuous backup of transaction data; and secure streaming of transaction data to remote disaster recovery center.

We promised a lot of technical jargon and we probably over-delivered. But the important point to take away is that your nonprofit’s sensitive financial data is wrapped in four layers of security at the very minimum. We can work with you and share some best practices you can employ with regards to your internal processes to further secure your financial data.

You can enjoy peace of mind where your nonprofit financial data security is concerned when you outsource your accounting to Qbix.  Contact us – we’re happy to speak with you!

Rocky Davidson Macon, GA