We understand that when you use Qount, you are entrusting us with one of your most valuable assets - the financial data of your company. We treat this responsibility very seriously.
While we can’t publicize every detail of our security processes, we would like to provide a level of assurance by demonstrating our approach alongside some of the key tenets that we operate by.
#1 You own your data
We are in essence caretakers, looking after your financial data, in order to provide a service. We ensure that you have the controls necessary to manage access to your data.
When you delete a company we delete all the data associated with it and leave no traces. The data will exist in our backup for a period of time and then be removed ensuring no data remains with Qount.
#2 Always Secure
Security is not a one time bolt on operation. At Qount we are continuously evaluating and reinforcing our security approach. The team at Qount is highly qualified and experienced in IT and data security, being Certified Fraud Examiner by ACFE, Certified in ISO 27001 Info Security Management Systems and Certified in Info Security by ISACA. Every person on the team, every process implemented and every program developed is mandated by highest level security methods.
#3 Availability is key
The availability of your data is crucial to your use of Qount.
We backup and encrypt your data (256-bit AES encryption) before moving it to a secure offsite location in a secondary data center.
This means that, in the event of a disaster or an outage at our primary datacenter, we can recover quickly and continue to provide Qount from a geographically redundant secondary facility.
Hosting & Physical Security
Qount is hosted on Amazon AWS, a highly scalable cloud computing platform with end-to-end security and privacy features built in. Our team takes additional measures to maintain a secure infrastructure and application environment.
For more specific details regarding Amazon security, please refer to https://aws.amazon.com/security
Within each account, Qount provides for multiple levels of access to confidential customer data. You can invite or remove individual users from your account whenever you want.
Selected Qount staff can also access your data, for specific purposes only, and only when you provide permission.
External network access to our servers is controlled by a state of art firewall, which is configured and monitored according to industry best practice. The firewall is dedicated to Qount and not shared with any other parties.
Data protection & backup
We backup customer data every 6 hours. We also retain an encrypted copy of a daily backup in multiple geographic locations to aid in disaster recovery.
Company-specific data is kept separate through logical separation at the data tier, based on application-level access permissions and roles.
How can you stay protected?
Here are some simple steps you can take to stay protected:
- Create a password nobody can guess, so no dictionary words or family names. Be cryptic or use multi-word pass phrases - easy to remember, hard to crack.
- Don’t share your password with anybody.
- Don’t write your password on a sticky note and attach it to your computer.
- Keep your browser software up to date. We use and recommend Google Chrome.
Secure Sockets Layer (SSL) is an encryption technology used to protect data as it travels over the internet.
All Qount application communications are encrypted with 128-bit SSL, providing a level of encryption comparable to that used by banks and financial institutions.
Best practices are used in the transmission and storage of passwords within Qount.
All users must choose a strong password and an automatic lockout is enforced when incorrect passwords are incorrectly entered.
If you are inactive for an extended period while still logged in to Qount, you will be automatically logged out.
Third party audits and inspections
Qount engages independent security specialists on a regular basis. Our third party audits provide penetration testing, network scanning and source code reviews.