Security & Privacy

Our data aggregation technology captures and manages highly sensitive financial information and we place great emphasis on safeguarding this information and maintaining a high level of security around it. We employ industry-leading technologies and policies to protect the confidentiality and privacy of each user’s financial and personal data. We vigilantly update our systems to stay at the forefront of security, privacy and continuity protection.

At ByAllAccounts, we have created a high-security environment designed to ensure the privacy and security of our clients and their data. To assure this security, we employ a number of different technologies including:

  • Network security
  • Application security
  • Encryption

All personal user information is stored in an encrypted format in the ByAllAccounts database, and is transmitted in that encrypted format within the network.

Production systems are run on dedicated equipment housed in a SAS70 Type II certified environment at SunGard Availability Services. The environment includes state-of-the-art security, redundant power, redundant high-speed Internet connections, system monitoring and management, comprehensive backup, and disaster recovery.

We perform extensive security checks on our employees and have implemented stringent internal controls with regard to sensitive information.

Our security and privacy policies and procedures are reviewed by independent auditors on a periodic basis. In addition, we keep access logs and other historical information to provide clear audit trails. It is important to note that as part of the overall security process, we do not publicly provide specific details regarding our security procedures and processes. We would be happy to discuss any questions or concerns regarding our security, backup, or disaster recovery plans and processes or the security vendors we employ.

BITS Voluntary Guidelines for Aggregation

ByAllAccounts complies with the BITS Voluntary Guidelines for Aggregation. BITS, the Technology Group for The Financial Services Roundtable, was formed in 1996 by Spencer Eccles, chairman of Wells Fargo and Terrence Murray, Chief Executive Officer of the FleetBoston Financial Corporation. The membership includes CEOs of the largest bank-holding institutions in the United States. The BITS organization serves as the strategic “brain trust” for the financial services industry in the e-commerce arena.

The BITS Aggregation Services initiative’s goal is to create a more secure operating model for aggregation and to create industry options and recommendations for a cooperative approach to data feeds and authentication. Technology providers, such as ByAllAccounts, government regulators and financial institutions regularly participate as members of the Aggregation Services Working Group. Participants generally include senior executives involved with aggregation services, activities, policies or business practices.

ByAllAccounts has reviewed the BITS Voluntary Guidelines for Financial Services that set forth best practices for security, privacy and consumer education in aggregation services and is in substantial compliance with these guidelines.

SAS 70

SAS 70 - Statement on Auditing Standards (SAS) No. 70, Service Organizations, is an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA). An SAS 70 audit or service auditor’s examination is widely recognized, because it represents that a service organization has been through an in-depth audit of its control activities, which generally include controls over information technology and related processes. In today’s global economy, service organizations or service providers must demonstrate that they have adequate controls and safeguards when they host or process data belonging to their customers.


"Any time you do manual data entry, you're opening yourself up to potential entry errors. That's the nature of the beast."

-Doug Holden, Owner First Light Financial


"Keeping track of a client's assets is always difficult. It's very labor intensive getting statements and plugging things into Excel spreadsheets and making sure formulas are correct and market values are correct."

-Brian Rivotto, CEO RINET Company, LLC