Sage Intacct Security Features: Safeguarding Your Financial Data

Though the UK is one of the countries least likely to be affected by a cyber security incident (with 42% of SMBs reporting one), UK businesses still see keeping on top of new cyber threats as one of their biggest challenges.

It’s natural that that challenge would extend to their adoption of accounting software. Choosing to move onto such a solution is a big investment – and if data is lost, the cost can be even bigger.

In this article, we’re going to answer the questions business leaders have about Sage Intacct’s security features, its credentials, and how your precious financial data stays protected.

Key Security Features of Sage Intacct

Encryption

Data that you enter into Sage Intacct is encrypted. This is the same whether you’re accessing the data via their online services (which have Transport Layer Security, or TLS), or via Sage databases in the cloud. The latter is ‘encryption-at-rest’, meaning that even if the hard drives themselves were stolen, the data would be inaccessible to someone who couldn’t break the encryption.

Role-Based Access Control (RBAC)

Role-based access control, or RBAC, is one of the key benefits of Sage Intacct. It’s pretty self-explanatory; by assigning users specific roles, you can control their access, limiting it to certain functions.

You can also make appropriate users Super Users – meaning they have access to every area of Sage Intacct. This is useful if you’re in a position of financial management, for example as a Financial Controller.

Since RBAC lets you control who can access what data and perform which actions within a system, it stops people from using data that’s not vital to their job. The fact that everyone is granted only the minimum level of access that they need – the ‘principle of least privilege’ – makes data leaks and breaches less likely.

RBAC also gives you a solid basis for having a more centralised control policy. With a clearer view of permissions, security policies can be enforced more consistently across the business. This reduces the possibility of there being inconsistencies or loopholes that could be exploited by attackers.

Multi-Factor Authentication

Two factor authentication (also known as 2FA) is a great way to ensure your security when logging into any application – and it’s no different with Sage Intacct. It’s named as such because it will only allow access after you’ve provided two distinct pieces of identification – like your password, and a numerical code. This extra layer of protection means that there’s a smaller chance that your data will be compromised by a brute force attack.

You can set up 2FA in Sage Intacct by going to Account Management and selecting the two factor authentication option. You’ll also need a mobile device to hand.

Compliance and Regulatory Standards

When you’re running a business’s finances, you already have enough going on without worrying about making sure every transaction is compliant.

Sage Intacct – and other Sage products – are built to comply with industry standards. These include ISO 27001 (an international standard that defines the requirements of an information security management system), and PCI DSS. Intacct is also compliant with GDPR laws.

Data Backup and Disaster Recovery

Loss of data is something no business leader wants to think about. Sage knows this, and so Intacct has a comprehensive Disaster Recovery capability.

For customer data, they have a Restore Point Objective (RPO) of no more than 4 hours – meaning this is the maximum amount of data that can be lost after a recovery from a disaster. Their Restore Time Objective (RTO) – i.e. when your data should be restored by – is no more than 24 hours.

Continuous Monitoring

Last, but not least, Sage Intacct’s approach to security is proactive, not reactive. Their software has 24/7 monitoring, meaning they are constantly looking out for new security threats.

Sage also keeps customers informed about new updates and security changes, sharing information on this via notifications within the Intacct system, and outside of it.

No security system is perfect. And it’s worth noting that there are many small ways that businesses can improve their cybersecurity themselves. But with other priorities constantly competing for your headspace, it’s good to know that certain things are taken care of.

When businesses are secure, stakeholders have more confidence to engage with and invest in them, and business leaders can devote more time and resources to growing and innovating.

So, a secure financial management system doesn’t just protect a business – it’s a strategic investment in its future success.

With Sage Intacct, your business won’t have to choose between security and efficiency. Contact PKF Smith Cooper Systems today on 01332 959008, or use the enquiry form, to find out more.