The Auditi applications are hosted solely in the DATEV eG data center. DATEV is responsible for the physical security of their infrastructure.
The Auditi applications are hosted solely in the DATEV eG data center. DATEV is responsible for the physical security of their infrastructure.
The DATEV data center handles multiple petabytes of data at the highest level of security. It is ISO 27001 certified and meets the highest standards. For more information and certificates, please visit the DATEV website:
https://www.datev.de/web/de/m/ueber-datev/datenschutz/zertifikate/
By default, our data is hosted at the DATEV data center, which is located in Nuremberg, Germany. However, in order to comply with local data residency laws, we are able to host Auditi in any country that you require. If this is something you require, please let us know during your demo!
This level involves ensuring that every component of the system is secure, for example: application code, databases, configurations, and third-party libraries. It includes potential weak points inside and outside of the application.
Application security is a team effort. When developing Auditi, security was our top priority. Our team of developers consistently carry out code reviews to ensure that only high-quality secure code makes its way into our product. We have many manual and automated tests that measure the security of potential weak points like SQL injections, cross-site scripts, session and authentication weaknesses, and much more. In addition, we carry out regular penetration tests.
Network security involves rules and controls to limit or reduce the incoming and outgoing traffic to production systems as well as the traffic within the system. It ensures that the necessary firewall rules exist and prevents attacks like malware, distributed denial of service (DDoS), as well as other potential exploits.
Auditi monitors the system together with DATEV to detect any potential threats. We implement firewalls within our infrastructure as well as within our application to protect against internal and external threats. Additionally, we have an escalation protocol to quickly handle any problems.
Auditi works together with DATEV to reduce the risk of DDoS-style attacks. In the event of a DDoS attack, DATEV has protocols and measures available, which reduce the effects of such an attack and ensure the system remains stable.
Data privacy means making sure that your data as well as your employees' data is safe – whether inside the system or during data transmission over the network. This includes not only things like encryption, but also legal requirements like where data is located, who has access to it, and how requests to receive this data are handled.
All traffic between Auditi and the user is SSL-encrypted. All communication with Auditi takes place via APIs which are verified by third party security companies.
Auditi also relies on the strict security guidelines from DATEV as well as their certifications which provide a key element to protecting your sensitive information.
Communications through Auditi are encrypted.
Information sent to and from Auditi (data in transit) is encrypted using TLS, the industry leader in encryption mechanisms.
Stored data (data at rest) is also encrypted.
By default, all your data is stored in the DATEV eG data center in Nuremberg where the data never leaves Germany, in accordance with national regulations.
If you are required to host Auditi in a different country due to data residency laws, we are able to accommodate this on request.
Clients have full ownership of their data. Auditi does not access client information or use it for any purposes other than what is legally required or for the maintenance of our applications and for providing services to our clients and end-users. We never sell, share, or use client information for marketing or advertising purposes.
There are controls in place to prevent Auditi employees from gaining access to data other than what is provided by the client. Auditi takes great measures to ensure that users outside the organization have no access to the company and that all data within an account can only be seen or edited by authorized users chosen by the client.
Yes, the DATEV data center is used for hosting as well as regular backups. This data is fully encrypted. These backups, which include all user data and system protocols, are created daily and available for a limited time to be restored.
Auditi requires password authentication and optional Two-Factor authentication to access the system. Once the user is in the system, they must be given permissions in order to carry out additional operations or access certain information. With permissions, you can decide who has access to what.
No. Your organization is responsible for developing suitable security guidelines for passwords and when using the security features provided by Auditi.
We created permissions so that you can decide who has access to the system and determine what they can or do. More information can be found in the Auditi user documentation.
Auditi does not accept weak or commonly used passwords. You will receive a notice that your password is not allowed.
You want to make sure that your service provider can guarantee that all services are available when you need them. A key component of availability is ensuring redundancies for data as well as for infrastructure so that there exists no single point of failure.
Our dedicated team makes sure that our platform is ready and available whenever you need it. To offer you stable, high-availability services, we have built our system with redundant components, consistent monitoring, regularly planned integrity checks, and other similar features. We also carry out frequent backups to prevent work loss.
Does the provider have a strong track record of delivering high-quality stable solutions? Do they ensure that the needs and expectations of their client are met? Will they remain operational in the long-term? Choosing the right service provider is like choosing a business partner – make sure you have earned their trust to meet the needs of your business now and in the future.
Auditi was founded in 2012 and is providing software to over 250 audit firms - from single practitioners to BIG4 audit firms. You can learn more about our customers here: https://www.auditi.com/customers