Category:Security
This page is meant to organize categories, please see the below listings to navigate the sub-categories and articles.
This category contains articles related to SmartSimple security.
Overview
SmartSimple handles client data with the utmost integrity. Security features and functionality exist at all levels of our system - from administrative controls to encrypted servers which are securely housed in a SSAE 16 (SAS 70*) data center.
Within our system, our internal system security is a two-tier model:
- User access is firstly hierarchically-dependent and can furthermore be restricted by role; field-level security is also based on role
- Manager permissions control access to higher-level functions within s
The below chart is a broad overview of our security licenses and features:
Certifications, Memberships & Compliance |
|
Encryption & Protection | |
Role-Based Permissions |
|
Applicant Screening |
We've built in comprehensive screen options through OFAC and GuideStar™. We also integrate with international tax authorities to verify charitable status:
|
System Lockdown | At the first sign of an attempted breach of security, your SmartSimple instance can be placed on lockdown. This ensures that access is limited to parties who are addressing the security concern. |
Forensic Auditing | With your permission, SmartSimple can track system usage and provide you with detailed access reports. This may help to identify any unauthorized access resulting from issues such as shared passwords and malicious data manipulating. |
Reader Log and Field Change Tracking | All field changes are tracked and auditable. |
Two-Factor Authentication | Protect your organization and system by requiring an additional layer of user verification beyond a username and password. Two-factor authentication drastically reduces the incidence of online identity theft and fraud. |
- SSAE 16 supersedes Statement on Auditing Standards (SAS) No. 70 with the professional guidance for performing a service auditor's examination.
- Our hosting server, AWS (Amazon Web Services), is FedRAMP authorized, follows ISO 27001 best practice guidance, and is a PCI DSS Level 1 Service Provider.
Subcategories
This category has the following 3 subcategories, out of 3 total.
Pages in category ‘Security’
The following 62 pages are in this category, out of 62 total.