Our Savety
Security
We take privacy and data security seriously. That’s why we’re committed to protecting your information using the highest standards of security available. Working with Bench gives you peace of mind.
Meeting or exceeding Industry Standards
QC Tax & Accounting undergoes annual SOC 2 and SOC 3 examinations of our security controls against the AICPA defined standards.
Auditing is conducted by a third party audit firm to assure security of our platform and its supporting infrastructure. Fill out this form to download our most recent SOC 3 report.
Responsible Use of Tech
Tech will continue to revolutionize the way we work and the world around us, including the practice of accounting. As QC continues to integrate SOC, responsible use of these tools, as well as privacy and security will continue to be core to everything we do.
QC’s upholds appropriate security safeguards designed to protect your information from loss, misuse, and unauthorized access or disclosure, and to ensure its confidentiality, integrity and availability. Our security program accounts for both the sensitivity of the information we process and the current state of technology.
Always maintaining the safety and integrity of your financial data
All third-party services that could potentially impact the security of our information or customer data are reviewed by our platform team. Bench requires all service providers to agree not to retain, use or disclose personal information for any purpose other than for the specific purpose of performing the services specified in their agreement with QC.
New features, functionality and design changes at Bench go through a security and privacy review process by our teams. Code is tested and is manually peer-reviewed prior to being deployed to production.
Our production environment implements a centralized logging and monitoring system to track information pertaining to security, monitoring, availability, access and other metrics about our services.
Our infrastructure systems are fault tolerant and our operations team works continuously to make Bench’s platform a highly available service you can rely on.
We protect the security of our network through the use of software and tools, such as firewalls and load balancers, and we implement multi-factor authentication for all servers across our various environments, including production.
All customer data processed by Bench infrastructure is encrypted in transit (with TLS 1.2) and at rest (with AES-256 encryption) using the latest cypher suites and protocols. In addition, we enforce full disk encryption on all corporate devices.
QC employees are subject to written confidentiality obligations and are prohibited from accessing customer data unless absolutely necessary. Our security policies include limiting access to systems only where individual roles require it (least privileged).