Security Measures
SCHEDULE A CONSULTATIONClient Portal Security Measures
“Our Client Portal is the Most Secure Client Portal available on the market.”
Your data is protected in extremely secure environments. Most Client Portal vendors provide 5 or 6 layers of security. CPA Site Solutions, who hosts our Client Portal, protects you with 14 full Layers of Security.
1. SAS 70/SSAE 16 Certified Datacenter
Not all datacenters are alike. You don’t want your client’s data hosted on a low cost “cheap” datacenter. The best datacenters are both SSAE 16 and SAS 70 Type II certified. That means a specially trained CPA Firm performed an in-depth audit attesting to the fact that the datacenter has sufficient processes, controls, and safeguards to keep your data safe from theft, corruption or mishandling.
Unlike the Type I Certification which only measures a certain point in time. The Type II Certification measures and evaluates security over time.
The Sarbanes-Oxley Act requires all publicly traded companies to use SSAE 16/SAS 70 Type II Certified datacenters. So you can protect yourself the same way publicly traded companies protect themselves, because all of CPASiteSolutions’ Servers are located in high quality SSAE 16/SAS 70 Type II Certified Datacenters.
The servers are housed in a secure, 24/7, around-the-clock, guarded facility with closed-circuit motion sensitive video surveillance. Physical access to the servers is strictly limited to only authorized datacenter personnel. And all personnel are further restricted by Dual Factor Biometric Authentication Barriers.
2. Encrypted File Storage
Almost all Client Portal providers encrypt the data as it’s transferred to the server. But what they fail to do is encrypt the data when it’s on the server. Since the data spends almost all it’s time on the server, we feel it’s necessary to store the data in an encrypted format.
If this were easy to do, everyone would be doing it. Storing data in an encrypted format requires a lot of programming from extremely high level security experts. All the encryption and decryption places a heavy load on the server’s processors so significantly fewer accounts can be placed on each server.
It’s expensive, but worth it when you consider that encryption is considered the most effective method of securing personal and corporate information according to corporate and government security regulators. In fact, many data protection laws specifically list encryption as a “safe harbor” exception to notification rules, and some laws explicitly require the use of encryption.
3. High Level Filename Obfuscation
As an additional level of security all of the filenames stored on the server are completely unrecognizable. Instead of meaningful filenames they are listed as a totally random set of characters and numbers.
On the very unlikely event a hacker finds their way into our servers, they would find it impossible to make any sense of the files. And remember, they can’t read the content of the files because all files are encrypted.
4. Forced SSL Transfer
Hackers have many ways to intercept data that is transferred insecurely over the web. And now it’s even easier with the wider use of laptops and wireless routers.
The best way to protect your data is to transfer the data over a Secure Socket Layer (SSL). SSL encrypts the data so the data is absolutely useless to anyone who goes through the effort of capturing it.
You are always protected because the Client Portal automatically recognizes if a user is trying to transfer information insecurely. The Portal then forces the transfer to occur under an encrypted Secure Socket Layer.
5. SQL Injection Protection
SQL Injection is a method hackers use to break into databases. Once in a database, a hacker can easily wreak havoc. Millions of websites are hacked with SQL injection every year. Even the United Nations website was recently hacked using SQL injection and cost hundreds of thousands of dollars to repair.
CPASiteSolutions’ Client Portal renders SQL Injection attacks completely useless because it utilizes the “Best Practice” of parameterized data calls.
6. Brute Force Login Protection
Brute force attacks occur when a hacker writes a program that runs through millions of common username and password combinations to gain access to a secure system.
You are protected from Brute Force attacks because after 3 incorrect login attempts the Client Portal uses CAPTCHA technology which requires a human to read an image that appears. This stops computer programs from guessing correct user and password combinations.
7. Strong Password Policies
Weak “easily cracked” passwords are unsafe. The client portal never allows weak passwords and allows firm administrators to require users to create passwords that meet certain levels of strength.
8. State-of-the-Art Firewall
CPASiteSolutions uses a state-of-the-art CheckPoint UTM-1 Edge Firewall that is configured with the least number of ports open and advanced IP restrictions.
9. Real Time Virus Scanner
The server is continually scanned for viruses and the virus database is updated every hour.
10. Encrypted “Cross Server” Backups
Another common hack is to attack and gain access to backups. Backup media often is held and transferred in “less secure” environments. Hackers know this and often find ways to gain access to backup data.
This is impossible with CPASiteSolutions’ Client Portal because the backup files are encrypted and stored in extremely secure facilities. Even if a hacker got their hands on our backups they would not be able to access any information because of the high level file encryption.
11. FireSlayer – Denial of Service Attack Protection
The servers are additionally protected from denial of service attacks. A denial of service attack is made when a virus infects thousands of computers on the Internet. Then all those infected computers make repeated requests to a single server. The targeted server often can’t handle the load and crashes. The FireSlayer system detects this kind of activity and automatically blocks the abusive traffic on-the-fly.
12. TippingPoint – Intrusion Prevention System
Hackers attempt to gain access to servers in many different ways. That’s why we use the award-winning TippingPoint Intrusion Prevention System. This system fully inspects every packet of data coming to the servers, then instantly determines whether it’s legitimate or malicious. This instantaneous form of protection is the most effective means of preventing attacks from ever reaching their targets.
13. Detailed Audit Trails and Reporting
All accounting firms must comply with the Gramm-Leach-Bliley Act and are specifically accountable for the safe and verifiable delivery of sensitive information. Firms must additionally make sure the intended recipient is the only recipient.
The Client Portal provides records of every transaction and allows you to…
- Reduce the time and cost of complying with privacy regulations
- Prove that information has not been leaked
- Eliminate the customer service costs associated with disclosure of a data breach
- Eliminate the legal liability associated with data breach disclosure
14. Operating System Hardening and Patch Management
There is a lot more to managing secure servers than you may realize. Server Operating Systems are not secure when they come out of the box. It takes highly skilled software technicians to hone and harden the System Software to minimize exposure to current and future threats.
Our servers are continually updated with the newest OS patches, hotfixes and updates to reduce the threat of security attacks and system downtime.
These advanced security measures are fully compliant with Sarbanes-Oxley and Gramm-Leach-Bliley.
Talk to one of our Accountants Today
OUR SERVICES
Accounting
- Statuary Accounts
- Management Accounts
- Bookkeeping
- Business Plan
Tax
- Tax Investigation
- Capitol Gains Tax
- Tax Advisory
- Corporation Tax
Consulting
- Registered Office Address
- Company Formation
- Company Secretarial
- Legal Helpline
QuickBooks/ Bookkeeping Services
All of the financial information and data for your business should be organized and in one place so it is easy to access. With our bookkeeping services, we will organize and manage your financial information within the QuickBooks software so you can easily access it at any time. While we manage your financial matters on a daily and monthly basis, you will be in control as we will keep you updated and ensure you can access and monitor your finances. If you are applying for a loan, doing your taxes, or budgeting, having quick access to your financial information is important. We can assist large businesses and provide small business bookkeeping.Advisory Services
Our accountants can take on an advisory role with your company through our business consulting services. We will work with you to understand your financial goals and help you make the right decisions to reach your goals and help your business grow and become more profitable. Our business advisory services include advisement for investments, taxes, payroll, bookkeeping, administration, and more.Estate Planning
It is important to manage your estate to help protect its value and ensure that your assets are distributed properly between your beneficiaries. Our accountants can assist with your estate planning, including managing the taxes to preserve its value and ensuring that your assets are distributed according to your wishes. Our estate accountants will identify ways to protect your estate from inflation and taxes and minimize what you are paying in taxes to maximize its value.Sales Tax / Nexus
Sales tax rates and laws are decided locally and differ between states and cities. This can make sales and use tax difficult to manage for businesses, especially those that operate in multiple cities and states. Our certified public accountants can help manage your sales and use taxes by ensuring that you are in compliance with applicable sales tax laws and identifying opportunities for refunds and exemptions. We have a thorough knowledge of sales tax laws and we can even help businesses that operate in multiple states with filing their taxes. Using Nexus tax analysis, we can help multi-state businesses stay in compliance with all applicable tax laws.Payroll Services
We provide payroll services to small businesses and international businesses that operate in the U.S. Our accountants will streamline your payroll process and manage the tax withholdings and benefit deductions from employee paychecks. We can also file the tax returns for your business that account for the tax withholdings.Call the CPAs of STE Corporation
Contact our CPA firm if you want to work with our accountants to help manage the finances for your business in Park Ridge, IL. You can call STE Corporation at (815) 836-0100 to talk to our professionals or schedule a free consultation.FREQUENTLY ASKED QUESTIONS
WHAT OUR CLIENTS SAY ABOUT US
“Everyone at STE has been amazing. As a small business owner it is essential to have people on your team that are experts in all areas. When it comes to finance and taxes Jim and the team at STE fill that need. Thanks for being great at what you do and always be there!”
“STE has been handling our personal, business accounting, and payroll for years. They are knowledgeable, easy to reach, and very welcoming. Would definitely recommend them.”
“I have had nothing but pleasant experiences at STE. They are knowledgeable and provide great service.”
“We have used STE Corporation for our payroll and tax service needs over the past 3+ years and extremely pleased with the partnership we have created.”
“My husband has operated his painting business since 2004, first as a sole proprietorship and later as an S corporation. STE has been instrumental in helping him grow his business and remain in compliance. I cannot thank Mike, Marybeth, Jim, and Lisa enough for helping him get organized and stay that way. They have truly been the business office he needed in order to focus on the part of his business he enjoys – painting and customer service Their professional staff literally have never let him down – payroll, state taxes, federal taxes, consultation, ledger reconciliation, profit and loss sheets, and probably lots of things I do not even know about! Hiring this firm was the best decision he could have made. He looks forward to visiting the office, everyone makes him feel like family. I appreciate their professionalism and efficiency. Thank you STE!”
OUR SERVICES
Accounting
- Statuary Accounts
- Management Accounts
- Bookkeeping
- Business Plan
Tax
- Tax Investigation
- Capitol Gains Tax
- Tax Advisory
- Corporation Tax
Consulting
- Registered Office Address
- Company Formation
- Company Secretarial
- Legal Helpline