For every organization that’s purchasing lease accounting tools to comply with the new FASB and IFRS standards (which is just about everyone), data security is a major concern.
We’re talking about your company’s financial records, so rock-solid security is essential. Don’t forget that accounting auditors will want to know how your lease accounting software protects your information and ensures data integrity.
As part of your lease accounting software comparison, be sure to check for the following security credentials and capabilities that ensure the safety of your data.
5 data security checks to include in your lease accounting software comparison
1. Physical security of servers.
Most lease accounting software is cloud-hosted, which is the best option for a number of reasons. Given the timeframe for complying with the new lease accounting regulations, probably the most important reason for you is that a cloud-hosted solution is faster and easier to implement. It’s also much less expensive.
However, choosing a cloud-based lease system means you must do your due diligence to ensure that your chosen vendor will keep your data safe. Be sure to ask these questions during your lease accounting software comparison:
- Do they have redundant servers in multiple locations?
- What type of physical security protects the buildings where servers are housed?
- Who has access to those servers and for what purposes?
2. Data encryption.
Data is regularly moving into and out of your lease accounting software. For example, you’re importing new lease records, entering updates to lease records, and sending journal entries to your general ledger. Your data must be secured both when it’s at rest on the servers, and when it’s in transit as records are added, modified, or exported.
Your lease data should be encrypted anywhere it is stored, and it must be encrypted via SSL when traveling to and from the servers.
3. User authentication.
You won’t find lease accounting software that’s not locked down; users must enter a user name and password to access the system. However, when doing your lease accounting software comparison, look for these authentication features that enhance security.
Control of login credentials. Make sure all parts of the system are password protected. It’s also important that your system administrator create and manage login credentials for your users. If your lease software vendor can create a login for anyone who asks, that’s a security risk. Your vendor should only provide login credentials with your administrator’s approval.
Password policy. In many organizations, lease software passwords must match your corporate password policy. Look for your lease software to provide flexibility so your administrator can set the desired password length, strength and expiration rules.
Multi Factor Authentication. Some organizations want the extra security of multi factor authentication. How does that work? Users enter their user name and password, and the system emails them a second one-time password that they must enter to access the lease software.
Authentication via Single Sign On (SSO). Your lease accounting software should provide the option to use your organization’s existing security store to authenticate users. If you have implemented centralized security system, enabled for single sign on, your employees can log in once and have access to all their applications. However, the big benefit is the ability to quickly and easily revoke access to everything if an employee leaves the company. Your users and their access permissions must be set up in your lease software, but they are linked to your centralized security store accounts so users can only log in using this system.
4. IP whitelisting.
Some organizations want to limit access to the lease software so that users can only log in from secured devices connected to the corporate network. IP whitelisting limits access to specific IP addresses or a range of IP addresses.
5. User roles and permissions.
Especially for comprehensive lease software (like Visual Lease) that manages the entire lifecycle of your leases, including administration and accounting, the design of user access and permissions is critically important for data security. Here are some items to check as part of your lease accounting software comparison.
Levels of administrative access. While most organizations have a single system administrator, look for the flexibility to allow some managers different levels of administrative permissions.
Separation of duties. What you want to see is a separation of roles and associated access rights within the various parts of the lease system. For example, a lease administrator may be able to create and modify lease records, but won’t be allowed to work with the accounting feed or create lease accounting calculations. On the other hand, you may want an accountant to send interface files to the ERP, move data to the general ledger, and approve invoices for payment. But you may want to prevent that user from creating payments. The goal is to give people access to only the capabilities and data they need to do their work and lower the possibility for fraud or malfeasance.
Group permissions. The best lease accounting software has a set of defined roles with pre-assigned permissions. That makes it easy to set permissions for users simply by assigning them to a group.
Here’s a great tip: creating a role for lease abstractors can be extremely useful. You can allow abstractors (who may be outside contractors or service providers) with the ability to create pending records but not to change live data. Then someone with a higher security level can review and validate the data before making it active. Doing that enhances your data integrity with another layer of authentication.
Individual level controls. While group permissions save you time, you also need the flexibility to control certain rights at an individual level. Look for the ability to can add or remove specific rights as needed from users assigned to groups.
Data security validation for Visual Lease
When filling in your lease accounting software comparison checklist, you can check all the data security boxes for Visual Lease. We have earned SSA18 SOC 1 Type 1 certification following a comprehensive independent audit that verified our controls and operations.
We’re happy to show you exactly how we keep your data safe. Give us a call or request a personalized demo.
Get more tips for your lease accounting software comparison: Get the Best Lease Accounting Software By Comparing Price & Value