Information security

An accounting firm manages sensitive data of multiple clients and personnel. From Social Security numbers and salaries to bank account details - a lot is at stake in this business. We understand the biggest nightmare for any accounting firm owner is a data breach, and so follow the best practice frameworks to ensure your client datais safe.
Learn more

01
Data management systems
Our delivery centers in India are compliant with ISO 27001:2013 for security and 9001:2015 quality management standards. We use restricted internet access, strong firewalls and web monitoring services to ensure your data can only be accessed by the authorized staff.
QXAS Inc Information security quality management standards
02
Physical data storage
We store all of your client information in highly restricted, access-limited servers within a state-of-the-art data center. Trained security personnel monitor these centers using the most sophisticated electronic surveillance systems on a 24/7 basis. Only authorized staff members can access the data on a “need to know” basis.
03
SSL encryption
All your interactions are secured through a bank-grade 256-bit SSL encryption. This means your data files cannot be read even if you are using an insecure network or a public WiFi network to view them.

04
Staff awareness
QXAS Inc exercises the principle of least privilege, and so we have manned entry points, biometric attendance systems and clear desk policies. All areas of operations are protected by a magnetic door locking mechanism with access to only authorized staff.
05
Seamless connectivity
Smooth communication lines form an integral part of the data protection process. Our employees work on secure systems with high-speed internet to ensure the communication over phones, emails and other official online channels never stops.
06
SOC 2 compliance
QX facilities are SOC 2, ISO 27001, and ISO 9001 compliant. We have a fully functional Disaster Recovery (DR) site at a remote location along with a Business Continuity Plan (BCP) that ensures operational continuity within 36 hours. The BCP is tested once a year as part of the SOC 2 compliance. Current anti-virus and malware programmes like Bitdefender and Sophos Anti-malware systems are in place organization-wide. BitLocker is used for encryption on all laptops. All external emails and internet traffic is screened for malware. All internet traffic is screened by the malware protection feature in the firewall FortiGate 500d.




Additional security measures
QXAS Inc IT infrastructure
IT infrastructure
Secure client login
Firewall defenses
Anti-virus or spam or spyware manager
Daily server backup
Continuously monitored web-access
Background check of employees
Dedicated IT team
QXAS Inc providing Data confidentiality
Data confidentiality
Employees sign an NDA as part of the hiring process
Limited internet access (unless there’s a process requirement)
Continuously monitored web-access
Disabled USB ports
QXAS Inc providing multiple physical security
Physical security
Biometric systems
Closed-circuit television cameras
Clear desk policies



Looking for a partnership model to reduce your time-consuming accounting work?
Information security at QXAS Inc