Products

AUTYMATE TRANSACTIONS

Easy to use tool to autymate accounting
workflows to increase productivity and profit

CPA Client Engagement AutomationApplicationsAutymate Transaction | Bullhorn OneAutymate Transaction | QuickBooks OnlineBuy QuickBooks Online and Desktop at a Discount (up to 40% off)Autymate Transaction | Business CentralAutymate Transaction | Sage IntacctAutymate Transaction | NetSuiteAutymate Transaction | Xero
"Auty"-mations
Explore Accounting "Auty"-mationsExplore Ecommerce "Auty"-mationsExplore HR-Payroll "Auty"-mationsWhy "Auty"-mationsAll Connections

CPA engagement

Easy to use client engagement tools.

CPA Engagement | QuickBooks Online CPA Engagement | QuickBooks Desktop (Coming Soon)
Solutions

Accounting Automation

CPA Client Engagement AutomationFin Ops AutomationFranchise AutomationBullhorn One Accounting IntegrationAccounting Data VisualizationCustom Accounting Engagement

HR Automation

New Hire/Employee AutomationPayroll IntegrationHR Accounting AutomationBullhorn One HCM IntegrationHR Data VisualizationCustom HR Engagement

Healthcare Automation

Legacy System IntegrationsAcquisition IntegrationsProvider ProductivityMedical Supply Chain ManagementHealthcare Data VisualizaitonCustom Healthcare Engagement
Resources

Support

Help CenterAll ConnectionsCommunity“How to Autymate Your”

Learn

Case StudiesBlogTraining Center
Partners
Partner OpportunitiesReferral Partner ProgramAffiliate Partner ProgramCertified Partner ProgramStrategic Partnerships
Company
About Us
Autymate Platform
Integration CapabilitiesApp Generation & KPI Dashboards
Autymate SecurityContact Us
Sign In

Back to Autymate Legal

Autymate Security Overview

Last updated: December 9, 2020

Autymate is committed to providing a highly secure and reliable integration and business automation service. This includes maintaining the confidentiality of its customers' information and ensuring that customers' data will be available when it is needed. We use proven, tested, best-in-class security tools, technologies, practices, and procedures to achieve this.

Compliance

CyberGRX Audited

Autymate has successfully completed a 3-month security, disaster recovery audit by CyberGRX (https://www.cybergrx.com/).
‍
We passed the audit for a large account at a Bank that required us to go through 3-month security, disaster recovery audit by a company called CyberGRX the world's largest third-party cyber risk exchange. They validated us on 26 control measures and had us go through an intensive review that required us to provide proof of all of our measures. We passed with flying colors. See the results below. In this process, we had to prove how we handle security, disaster recovery, failover, etc...
‍
We scored 94% between all Security Measures:
‍
Below you can see that we scored very low risk on 26 different security measures ranging in the categories of Strategic, Operation, Core, and Management controls for security and disaster recovery.

As you can see above there is little security residual risk in the areas of Data Loss, Destructive Attack, and Fraud, based on the intensive security review that Autymate has completed.

As you see above based on the security review the overall exposure to risk is Low.

Here is the full 46-page CyberGRX vendor assessment report:  LINK
‍
Having this kind of validation in hand streamlines the validation process of Autymate and gives you the assurance you need to know your data is safe with Autymate.

PCI

Autymate uses PCI Compliant Level 1 audited payment processor Stripe for processing credit card payments for the Autymate services.

Hosting Environment and Physical Security

Autymate is hosted on public cloud infrastructure from Amazon Web Services (AWS). Both Amazon undisputedly maintains the highest standards of security for their data centers. You can read further about AWS here:
‍
aws.amazon.com/security/

HIPAA Compliance

AUTYMATE has demonstrated compliance with federal HIPAA regulation by completing Compliancy Group's proprietary 6-Stage HIPAA Risk Analysis and remediation process. Read the full post here LINK.

Network Security

The Autymate website is only accessible over HTTPS. Traffic over HTTPS is encrypted and is protected from interception by unauthorized third parties. Autymate follows current best practices for security, including the use of robust encryption algorithms with a key length of at least 128 bits.
Autymate also uses secure protocols for communication with third-party systems: usually HTTPS, but other protocols such as SFTP and FTPS are also supported. For on-premise systems, access requires installing an on-premises agent behind the firewall, which communicates outbound to Autymate over an encrypted link, using TLS 1.2.
Autymate uses a multi-tier architecture that segregates internal application systems from the public Internet. Public traffic to the website passes through a Web Application Firewall (WAF) and then is routed to internal systems running on private subnets. Interior, as well as exterior network traffic, uses secure, encrypted protocols. All network access, both within the data center and between the datacenter and outside services, is restricted by firewall and routing rules. Network access is recorded into a centralized, secure logging system.

Authentication

Clients login to Autymate using a password that is known only to them. Password length, complexity, and expiration standards are enforced. Passwords are not stored; instead, as is standard practice, only a secure hash of the password is stored in the database. Because the hash is relatively expensive to compute, and because a "salting" method is used, brute-force guessing attempts are relatively ineffective. Password reverse-engineering is complicated even if the hash value were to be obtained by a malicious party.
‍
Autymate users can optionally configure their accounts to use Two-Factor Authentication utilizing an authenticator app such as Google Authenticator, Microsoft Authenticator, or Authy.
‍
Autymate supports integration with 3rd party SAML compliant SSO systems. This allows an enterprise to manage access to Autymate as well as other enterprise applications and apply custom authentication schemes and policies.
‍
Autymate also supports Single Sign-On using 3rd-party credentials, including Google and Microsoft Office 365.
‍
Autymate supports automatic session logout after a period of time. Enterprises can set the appropriate timeout period according to their security needs.
‍
When Autymate recipes connect to remote systems using user-supplied credentials, where possible, this is done using OAuth2. In those cases, no certificates need to be stored in the Autymate system. However, if a remote system requires credentials to be stored, they are encrypted using a 256-bit key.

Application Development and Testing

Autymate has a comprehensive software development lifecycle process that incorporates security and privacy considerations. Design and code reviews and unit and integration testing are part of the process.
Autymate undergoes an annual penetration test of the website by a qualified third party. Also, regular internal vulnerability scans are conducted.

Data Privacy

Autymate has a public privacy policy, which details the types of personal information we collect, our handling of this information, and our customers' privacy rights.

Transaction Data Retention and At-Rest Protection

All data stored in the Autymate system is encrypted at rest.
‍
Autymate stores transaction-related data for a limited period to provide visibility into system activity, facilitate testing and debugging, allow re-running of failed transactions, and support long-running transactions. All transaction data is always encrypted in transit and when stored in Autymate's platform. Autymate stores transaction data in Google Cloud.
‍
Customers have control over the retention period of the transaction data. Also, Autymate provides the ability to mask out sensitive data in the transaction logs for additional security.

Incident Response

Autymate has deployed a variety of security and monitoring tools for its production systems. There is 24x7 monitoring of its systems' security status, and automated alerts are configured for security and performance issues.
While we don't anticipate there ever being a breach of our systems, Autymate has put in place a Security Incident Response Plan, which details roles, responsibilities, and procedures in case of any actual or suspected security incident.

Our Organization

All employees are subject to background checks that cover education, employment, credit, and criminal history. Employment at Autymate requires written acknowledgment by employees of their roles and responsibilities for protecting user data and privacy.
‍
Autymate maintains an information security training program that is mandatory for all employees.
Knowledgeable full-time security personnel are on staff.

Ready to Autymate your business?

Start for free

PRODUCTS

  • Autymate Transactions
  • AMT | QuickBooks Online
  • AMT | QuickBooks Desktop (coming soon)
  • CPA Engagement | QuickBooks Online
  • CPA Engagement | QuickBooks Desktop (Coming Soon)
  • View All Applications
  • AMT | Bullhorn One
  • AMT | Business Central
  • AMT | Sage Intacct
  • AMT | NetSuite
  • AMT | Xero
ACCOUNTING AUTOMATION
  • CPA Client Engagement
  • Fin Ops Automation
  • Franchise Automation
  • Bullhorn One Accounting
  • Accounting Data Visualization
  • Custom Accounting
HR AUTOMATION
  • Employee Automation
  • Payroll Integration
  • HR Accounting
  • Bullhorn One
  • HR Data Visualization
  • Custom HR
HEALTHCARE AUTOMATION
  • Legacy System Integrations
  • Acquisition Integrations
  • Provider Productivity
  • Supply Chain Management
  • Healthcare Data Visualization
  • Custom Healthcare

PARTNERS

  • Referral Partner
  • Affiliate Partner
  • Certified Partner
  • Strategic Partnership

RESOURCE

  • Case Studies
  • Blogs
  • Training Center
  • Help Center
  • Community

COMPANY

  • About Us
  • Integration
  • AppGen & Dashboard
  • Security

We help Accountants, Staffing firms and Healthcare professionals automate workflows to increase profits, improve productivity and save time. Learn More

Contact Us

support@autymate.com

Subscribe to Our Newsletter.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Copyright © 2021 autymate • All Rights Reserved |Privacy Policy | Legal
Facebook linkTwitter LinkLinkedIn LinkYoutube