Safeguard Your Clients' Data with a First-Rate CPA Site

02/17/2011 15:58

Does your website include a secure file transfer system? Today pretty much all CPA or accounting website designs do, but not all file transfer protocols are the same. It's simple enough to see that your files are correctly encrypted and password protected. The weakest point in a lot of accounting website security isn't in the information management, it's the actual datacenter that the information is stored in. Datacenters with professional-looking websites and first-rate code may very well be housed in the basement of a private residence. It takes a physical examination of a datacenter to determine its real quality, and that can make shopping around rather expensive. You don't want your clients' accounting data hosted on a low-cost, "cheap" datacenter.

A few years ago I had something of an epiphany when a transformer explosion outside a datacenter I was using disabled some of my clients' data portals. It wasn't just a matter of the power going down for a few hours. The explosion started a fire that actually damaged or destroyed a number of their servers. Well, this really opened my eyes. It also threw me into something of a panic. I had spent ridiculous amounts of time creating the perfect online security system, but as an accounting website design professional I had become lost in code. I had not adequately considered the importance of the servers' physical security! What good was all my hard work on the website and security design if the server it's running on isn't secure?

As bad as this was, I got lucky. It could have been a whole lot worse. You know how it is when you come to a realization like this. You start to run "what ifs" around in your head, and each time your imagination runs into scarier and scarier places. It didn't take long to come up with some really terrifying worst-case scenarios. A server sitting in an office building someplace would be easy pickings for a gang of identity thieves.

This is a pretty horrifying prospect. Not all identity thieves are in India or Russia. There is an increasing number of American gangs getting into the business. I had to address this, and address it fast.

After researching the subject for a few days, I determined that the best datacenters for storing information on your accounting website would be SAS 70 Type II certified. SAS 70 is a security protocol set up to audit accounting firms, and this includes reviewing their data centers. By law, publicly traded companies have no choice but to use this type of datacenter, but it just so happens that their requirements are exactly what I was looking for: rigorous and thorough. These exhaustive security audits are administered by the American Institute of Certified Public Accountants and performed by specially trained CPA firms.

Once I decided what I was looking for, it was time to start shopping around. The difference between these data centers and the ones I had been using was night and day. They were secured in what can reasonably be described as a fortress. The facilities were locked and guarded twenty-four hours a day, seven days a week. They were also equipped with state-of-the-art electronic security, including motion sensors and closed-circuit video surveillance systems. Physical access to the servers is strictly limited to authorized datacenter personnel. When I made my choice I went high-end. I found a place that used fingerprint scanners, and nobody gets in without being authenticated by their own prints and a fingerprint from the guard at the front desk.

When assessing the security precautions of your accounting website design, don't overlook the value of the physical security of your datacenter. Locating a first-class datacenter can be grueling but, providentially, someone has already done most of the work. Of course I'm an enormous fan of SAS 70 certification. The straightforward way to make sure your datacenter is acceptably protected is to make certain it's SAS 70 Type II certified.