A year ago we released The Vault, our full Client and Workgroup Colloboration tool and Secure File Exchange System. Since then we’ve continued to improve and update the tool and have kept it on the cutting edge of security and usability.

With our most recent Portal security updates and new FileVault application, we’ve begun the process of phasing out the older file exchange applications, so that we can be sure you’re always providing the most advanced, secure and fully-functioned tools to your clients.

You should already have the Firm and Client Portal built into your site. Check for a login button at the top or bottom of your site. It’s simply a matter of providing a new login and password to your clients, and we’ve added a tool to allow you to easily add a batch of client users.

To add a batch of users, simply log into your Portal as and administrative user and click the Firm Administration link on the upper right. Once there, you’ll find an “Add Batch Of Client Users” tab, which allows you to simply copy and paste a list of email addresses to create new accounts for each user.

Client files still stored on the previous versions of the Secure File Transfer will need to be moved over to the Secure File Exchange. While you’ll have to download each client file manually, the new FileVault application is ideal for moving the downloaded files into the new Secure File Exchange.

To make this transition as easy as possible, we’ve just added a new feature to our Vault help to walk you through the Secure File Transfer transition.

Once that transition is complete, your client users will have access to all the new features, tools and security provided by the Portal and Document Vault system.

Your Firm and Client Portal has been upgraded this month. This completely new release is even easier to use and comes with the most advanced security features installed.

Sarbanes-Oxley and Gramm-Leach-Bliley Compliance

The laws governing websites for CPAs, accountants , and other financial services fall under unique privacy laws that other website owners don’t need to worry about. If you are transferring sensitive files into and out of a directory on your website, and you fall under the definition of a “financial service” (this includes, among other things, anyone who prepares taxes) you need to pay very special attention to online security.

If you don’t take good care of your client’s financial data online, you could be fined up to $100,000 for each violation of the Gramm-Leach-Bliley Act. At that rate, it doesn’t take many violations to completely wipe you out.

At CPASiteSolutions are well aware of the responsibility you have to your clients, which is why our File Exchange System is continually updated. This is, after all, our responsibility to you. As a provider of websites to CPA and Accounting firms it is our job to keep you in compliance with the law, just as it is your job as an accountant to do the same for your clients.

That’s why we just spent more than $37,000 to develop a new portal system to protect you.

What is a Firm Portal?
The firm portal is your access to the secured area of your website. As a firm user you can not only share sensitive accounting documents safely and securely with your clients, you can also modify your website , transfer files into your root directory via FTP, and access your Email Marketing System .

The new portal was designed by a team of high level programmers and security experts. They went through every possible security threat and locked them all down so you can sleep comfortably at night.

In order to be compliant with the Sarbanes-Oxley and Gramm-Leach-Bliley Act you need to have an audit trail of every user that accesses sensitive data. You now have a complete log of every access to the portal to keep you in compliance.

The Activity Log is both searchable and downloadable. For example… you can quickly search the log to see the last time one of your clients logged into the Vault File Exchange System. And you also have the ability to export a list of every access into Excel. You may never need to use the Activity Log, but it’s nice to know that it’s there keeping you in compliance.

Password Policies

All of the best security in the world becomes useless if you use weak passwords. It’s your responsibility to ensure the security and confidentiality of your client’s information. So if you allow your firm members or clients to access sensitive financial information with weak (easily cracked) passwords, you are in violation of the Gramm-Leach-Bliley Act.

That’s why we’ve implemented new password policies. You can choose how loose or tight you want your policy to be.

Here are the 3 levels…

Low : Average password strength (6 or more characters) required for all Firm and Client users.

Medium (Default): Strong passwords (8 or more characters with a symbol or digit) required for all Firm Users. But “Average” passwords required for Client Users (6 or more characters).

High : Strong passwords (8 or more characters with a symbol or digit) required for all Firm and Client Users.

The new password policy will be enforced the next time a user signs in. If the user’s password does not currently meet the policy, the user will be asked to change their password (to the stronger version) before logging in.

Firewall Friendly

The previous portal used “non-standard” high ports to enforce Secure Socket Layer (SSL) Security. The new portal uses standard ports for SSL security so you and your clients will not have firewall access issues.

Quickly Import Multiple Clients

The previous portal system required you to manually enter each of your clients. Now, that wasn’t too terrible if you only had to enter a few clients. But if you have hundreds of clients the process was mind-numbing and a waist of valuable time.

That’s why we built a client import system into the new portal. Now it only takes a few seconds to enter hundreds of clients.

Easy-To-Use Intuitive Design

The new portal interface uses simple Control Panel Icons instead of a complex menu system. So adding new users, changing access rights, or simply logging into an application is intuitive and easy.

I hope you like this new secure firm and client portal system we designed for you. If you have any suggestions, please leave a comment on this blog or call us.