Safety and Cloud-Based Accounting Software

By Kevin Stewart
Updated: September 29, 2011

Safety and Cloud-Based Accounting Software

Cloud computing is becoming the standard delivery mode for most enterprise software applications. While security is a consideration for any application, it is particularly important for accounting software. The major areas to consider when evaluating cloud computing accounting applications are:

•         Identity management
•         Application security
•         Data security
•         Privacy protection

Any cloud computing vendor should be able to provide satisfactory answers to questions regarding each of these security requirements.

Managing identities within cloud computing

Identity management controls access to the system that holds your data. In some cases the application provider will supply the identity management, or you can use your own identity management data through single sign-on (SSO) or other user authentication techniques. It is important to maintain appropriate security levels through standards for password length, complexity, and expiration.

Securing applications in the cloud

Application providers must create secure areas for their clients to store and manage their data. Usually firewalls are used to prevent unauthorized users from seeing or manipulating data that does not belong to them. Make sure that your provider has the appropriate controls in place to segregate and protect your data. Usually there are firewall specifications or other protections that vendors can provide to establish that adequate protections are in place.

Promoting data security in hosted applications

Data redundancy and backup are just as important in cloud computing as any other software environment. Accounting application providers should definitely have adequate backup procedures in place to handle your critical data. Ask for evidence of backup and restore procedures, and test these procedures on a regular basis. Also, it is a good idea to maintain your own backup data in a secure location.

Protecting privacy for users in hosted environments

Most accounting applications provide ways to mask critical customer data, such as account numbers, credit card numbers, birth dates, etc. Access to unmasked data should be restricted to only top level administrators who should have access to that information. You can review with your service provider how data privacy is controlled and protected in their application, and verify that their procedures meet the appropriate standards for privacy.

Using cloud computing for accounting systems does not present a different security risk from using any other type of hosted software. But there are certain controls and standards that must be met by vendors who offer accounting services in their hosted environments. Make sure that you investigate the security requirements listed above, and that you can establish that your data and application environment are adequately protected.


 

Featured Research
  • Building Secure Multi-Factor Authentication

    As threats to password security have increased in recent years, multi-factor authentication (MFA) has rapidly gained adoption as a method for increasing the assurance of authentication for consumer and enterprise web and mobile applications. more

  • Moving Beyond User Name & Password

    Typical web applications are protected with single-factor authentication: a user name and password. These credentials, in addition to being difficult to manage, leave sensitive data and applications vulnerable to a variety of common attacks. As enterprises adopt more cloud applications, addressing this threat will become critical. Unlike older on-premises applications, cloud applications are accessible to anyone on the public Internet. Multi-factor authentication (MFA) is designed to protect against the range of attacks that rely on stealing user credentials. more

  • CIO eGuide

    Data is becoming increasingly important in business. As a result, more and more organizations are becoming attractive targets for hackers. Data breaches caused by stolen credentials are on the rise. You need smarter tools to protect your organization against the monetary and reputational damage caused by a data breach. This guide will explain how Okta Adaptive Multifactor Authentication (MFA) provides the security that IT needs, while also providing the simplicity end users want. more

  • ERP in Higher Education

    ERP systems can greatly increase the efficiency of managing colleges, universities, and other educational facilities. GIven the advantages, it’s not surprising that many of the top educational institutions in the world are adopting ERP systems. That doesn’t make it right for everybody, though. There are cons to using ERP in education as well. more

  • ERP Providers Comparison Guide

    As we’ve mentioned before, there are hundreds of ERP vendors to choose between. This makes choosing one hard, but no less important for your business. Getting overwhelmed and making an uniformed decision certainly isn’t ideal, but neither is spending days upon days researching all your options. more