Security

Tax Guard is committed to establishing and maintaining an exceptional level of security for our customers

Overview

Application Security

Logical Security

Tax Guard achieves application logical security by leveraging industry-leading security tools to ensure and enforce data protection, client data partitioning, and access controls based on the user’s security profile. All interactions between users and the application are evaluated for proper authorization before data is accessed.

Physical Security

Tax Guard’s applications are hosted within leading cloud providers’ data centers. Each facility operates 24x7x365 and is designed to protect operations from power failures, physical intrusions, and network outages. All data centers comply with industry standards for physical security and availability. Compliance includes SOC 2, Type II, ISO 27001, and many others.

Access Control

Tax Guard combines role-based policies with ACLs (Access Control Lists) to ensure data security and integrity.  Authentication policies require two-factor authentication for all users, and a variety of secure factors are available to choose from.  Single Sign-On (SSO) and IP allow listing are available.

Password Security

Tax Guard enforces a strong password policy, requiring:

• Password length and complexity

• Password aging and history

• Account lockout after excessive failed attempts

Clients benefit from these security measures, as well as two-factor authentication to reduce the risk of phishing and social engineering. Tax Guard follows secure credential storage best practices by storing passwords using industry-leading, strong hashing algorithms.

Infrastructure Security

Hosting Security

Tax Guard employs the powerful tools created by leading cloud hosting services.  Identity and Access Management enforces access controls on users. IDS/IPS perform continuous, AI-enhanced network intrusion detection. Observability monitors and alerts are continuously monitored for network anomalies. Secure logging, secure and scalable DNS and digital forensics are deployed to ensure cloud security and best practices.  Load balancers terminate TLS connections for security and scalability.  Inquire to learn more about Tax Guard’s security posture, policies, and procedures.

Data Security in Transit and at Rest

All data is encrypted in transit and at rest using industry leading encryption. Key management is handled using the HSM backed modules that are FIPS 140-2 certified for secure access, storage and lifecycle management.

Communication Security

All sensitive communications are encrypted using leading email encryption software. Files are using our secured portal, SFTP or dedicated data room.

Business Continuity & Disaster Recovery

Tax Guard protects all data with backup policies, data replication, geo redundancy, failover systems and point-in-time recovery.

Annual Disaster Recovery exercises are performed to ensure the proper working of all backup systems in the event of a disaster. A separate Business Continuity plan is also exercised annually to assure that all business operations continue normally under unforeseen circumstances. Tax Guard offers high availability system and application status, including availability and incident updates on our status page at http://status.tax-guard.com

Compliance

Tax Guard is committed to the security and privacy of our client’s data. Our SOC2, Type II report for Security Principles, as well as our portfolio of policies and procedures, are available upon request. Other documents available include annual penetration test results, business continuity results, and disaster recovery results.

Please contact us with any questions.