Acumatica designed to satisfy the stringent security requirements of financial institutions, health-care entities and government organizations. Acumatica provides a complete set of security features including access controls, data encryption and server based processing to meet the strongest security requirements.
All business logic and data processing performed on a server located in a secure location of your choice. Data is stored in an encrypted format on the database and all communication over the network encrypted.
Comprehensive auditing Role-based access controls allow you to involve temporary workers, investors, and external contractors (auditors, accountants, customer service personnel, tax preparers, etc.).
TOP 10 SECURITY BENEFITS OF ACUMATICA
1) Customers Controls Where Data is Stored and Processed
Unlike many web-based applications, Acumatica allows full control of where data is stored and processed and likewise allows full control over who has access to maintain and use the system. Acumatica can be installed at any location or with an independent Hosting or Cloud Services provider. Hosting providers offer 24 x 7 x 365 staff in physically secure data centers that exceed what most businesses can provide internally – and often at a lower cost. For some organizations, data and processing must be performed internally at locations mandated by government or corporate policy. Utilizing Acumatica, the choice will be yours.
2) Server Processing with Acumatica
All business logic processed will be stored on the server and not on the individual user’s computer or in a web browser. Unlike some applications that process business logic in the browser, all calculations, validations and reports processed will be stored on the server. Since the business logic never leaves the server, there is less of a chance for anyone to learn how the system works.
3) Strong user Authentication
User logins can be limited to access from specific IP addresses. Ability to define length and strength features of individual user passwords, and frequency that passwords are to be changed. User browser sessions time out automatically after a period of inactivity as defined. A One Time Password (OTP) system may optionally be installed which issues new passwords every few minutes to users linked to the user’s cellular phone or to a small device that may be alternatively attached to a key chain.
4) Data is Stored Only on the Server
Customer, vendor, employee files, transactions, wiki pages and all other data remains on your server. As users complete forms, only the small bits of data they actually see are transferred to the web browser – and even only then for a brief instance. Once forms are completed, no data remains in the browser and data is never stored on the user’s computer.
5) Encrypted communications
To transfer information between Acumatica and the user’s browser, Acumatica uses https:// – the same encryption technology used by financial institutions, health-care facilities and government organization to ensure that no one can ‘listen in’ on data. With Acumatica, there are no performance penalties for using https://.
6) Database Encryption
Acumatica protect especially sensitive information and encrypts certain fields such as credit card numbers, social security numbers, names and rates of pay, within the SQL database. This protects you in the event a backup copy of your information is lost or stolen. You can designate whatever fields you wish to encrypt in this manner.
7) Menus Display Only Authorized Screens, Reports and Pages
User menus display only the applications and pages authorized for each person. Reduces the complexity of the application for individuals and speeds learning.
8) User Screens and Reports Display Only Authorized Information
Data items not authorized for user viewing will not display on forms or reports. Pop-up inquiry screens that help users fill out forms only display information that users are authorized to view.
9) Role-Based User Security
Create a Security Access Levels assigned by Role reducing the number of security settings and the chance for error. Unlimited number of roles, there is no limit to the types of security rights granted.
10) Re-validation within a Single User Session
Each transmission between the browser and the application server is re-validated from an encrypted key. Acumatica’s data security is Payment Card Industry Data Security Standard (PCI-DSS) compliant.