We understand that when you use Fathom, you are entrusting us with one of your most valuable assets - the financial data of your company or client. We treat this responsibility very seriously.
While we can’t publicise every detail of our security processes, we would like to provide a level of assurance by demonstrating a careful, pragmatic approach alongside some of the key tenets that we operate by.
We are in essence ‘caretakers’, looking after your financial data, in order to provide a service. We ensure that you have the controls necessary to manage access to your data.
When you delete a company that was imported from a cloud accounting system (eg. Xero, MYOB AccountRight Live, QuickBooks Online), we also delete any associated access tokens ensuring we can no longer access your company data through the accounting provider’s API.
If at any time you wish to remove a company from Fathom, you can simply delete the company from within Fathom. The data will exist in our offsite backup for a period of time and then be removed ensuring no data remains with Fathom.
Security is not a ‘set-and-forget’ operation. At Fathom we are continuously evaluating and reinforcing our security approach through an internal documentation & review process.
We also engage independent security specialists on a regular basis. An independent review by experienced security professionals provides a fresh set of eyes and keeps us up to date with the latest developments in the security industry.
The availability of your data is crucial to your use of Fathom.
We backup and encrypt your data (256-bit AES encryption) before moving it to a secure offsite location in a secondary data center.
This means that, in the event of a disaster or an outage at our primary datacenter, we can recover quickly and continue to provide Fathom from a geographically redundant secondary facility.
Fathom is hosted on Microsoft Azure, a highly scalable cloud computing platform with end-to-end security and privacy features built in. Our team takes additional measures to maintain a secure infrastructure and application environment.
For more specific details regarding Azure security, please refer to http://azure.microsoft.com/en-us/support/trust-center/.
Within each account, Fathom provides for multiple levels of access to confidential customer data. You can invite or remove individual users from your account whenever you want.
Selected Fathom staff can also access your data, for support purposes only, and only when you provide permission.
External network access to our servers is controlled by a Cisco enterprise-grade firewall, which is configured and monitored according to industry best practice. The Cisco firewall is dedicated to Fathom and not shared with any other parties.
We backup customer data every 6 hours. We also retain an encrypted copy of a daily backup in multiple geographic locations to aid in disaster recovery.
Company-specific data is kept separate through logical separation at the data tier, based on application-level access permissions and roles.
Here are some simple steps you can take to stay protected:
Secure Sockets Layer (SSL) is an encryption technology used to protect data as it travels over the internet.
All Fathom application communications are encrypted with 128-bit SSL, providing a level of encryption comparable to that used by banks and financial institutions.
Best practices are used in the transmission and storage of passwords within Fathom.
All users must choose a strong password and an automatic lockout is enforced when incorrect passwords are incorrectly entered.
If you are inactive for an extended period while still logged in to Fathom, you will be automatically logged out.
Fathom engages independent security specialists on a regular basis. Our third party audits provide penetration testing, network scanning and source code reviews.