Security

CFO-approved security posture

Built with compliance in mind. SOC 2-ready practices, least-privilege access, and complete audit logging for every action.

Our Approach

Security by design, not afterthought

Read-Only Integrations

We never modify your source systems. All integrations use read-only access to pull data. Your accounting and AP systems remain untouched.

Least Privilege Access

Every user, every integration, and every process has only the minimum permissions needed. No broad access, no unnecessary exposure.

Complete Audit Trail

Every action is logged. Every data access is recorded. You can see exactly who did what, when, and why, ready for any audit.

Encryption Everywhere

Data is encrypted at rest (AES-256) and in transit (TLS 1.3). Your financial data is protected at every step.

Compliance

SOC 2-ready security practices

We follow SOC 2 security principles and are working toward formal certification. Our practices align with the Trust Services Criteria for security, availability, and confidentiality.

Note: We follow SOC 2-ready practices but are not yet SOC 2 certified. We're transparent about our security posture and happy to discuss our controls in detail.

Trust Services Criteria

  • Security controls implemented
  • Availability monitoring active
  • Confidentiality protections in place
  • Formal audit in progress

Access Controls

Control who sees what

Role-Based Access Control (RBAC)

Define roles like Admin, Finance Manager, and Viewer. Each role has specific permissions. Users only see what they need.

Multi-Factor Authentication

MFA is available for all accounts. Enterprise plans can enforce MFA for all users.

SSO/SAML Support

Enterprise plans support single sign-on with your identity provider (Okta, Azure AD, Google Workspace).

Session Management

Automatic session timeouts, concurrent session limits, and the ability to revoke sessions remotely.

Data Protection

Your data, protected

Data Isolation

Each organization's data is logically isolated. No cross-tenant data access is possible.

Secure Infrastructure

Hosted on enterprise-grade cloud infrastructure with SOC 2 certified data centers.

Backup & Recovery

Automated daily backups with point-in-time recovery. Data retained per your organization's requirements.

Data Retention Controls

Configure how long data is retained. Export or delete your data at any time.

Have security questions?

We're happy to discuss our security practices in detail. Request our security documentation or schedule a call with our team.