Why Our Customers Choose Workiva and the Cloud: Security
Finance, accounting, risk, and compliance professionals have given us many reasons for choosing Wdesk. We are exploring each of the top 10 reasons why organizations move their reporting and compliance to the cloud in greater depth with this blog series.
Cybersecurity has become a growing priority for organizations, even before historic megabreaches like the Equifax Inc. incident that exposed details of 143 million consumers or the WannaCry ransomware outbreak in 2017.
Workiva has instilled rigorous safeguards to protect your data. That is just one of the many reasons more than 3,000 organizations trust Workiva for their accounting, finance, risk, and compliance reporting,
Reason Number 2: Securing your data in the cloud
With any system, whether on-premise or in the cloud, it is important to vet vendors who will be sharing security responsibilities with you.
Cloud platforms hosted on Amazon and Google can leverage security investments and visibility across thousands of clients to identify fraudulent transactions and breaches more easily. These platforms typically implement the latest software versions and patches in the background instead of relying on individuals to install their own, which has historically been a source of breaches.
Permission settings that allow you to control who can see and edit sensitive data can make it safer to share documents in the cloud than to email attachments for colleagues to download.
Underlying cloud infrastructure represents only the first level of security for your applications and data. In order to understand your cloud security posture, you have to consider the additional safeguards provided by your software as a service (SaaS) provider—and independent evaluations of your vendor's controls.
Control, encryption, and authentication
Information security at Workiva includes data encryption and segregation, multifactor authentication, and advanced permissions and data authorization.
Wdesk and Wdata encrypt your data both in transit and at rest to prevent your data from being compromised, even in the event of a breach. Your encryption key is kept separate from your data for further protection.
Workiva also offers a range of security features, so your organization can implement controls that match your internal policies and procedures.
Need to control employees' access to data you collect in Wdata or import into Wdesk for final reporting? You can implement Security Assertion Markup Language (SAML), a single sign-on standard for exchanging authentication and authorization information between, say, a user’s corporate network and Wdesk.
Alternatively, you can use System for Cross-domain Identity Management (SCIM), which integrates with your organization’s active directory and IP address restrictions when the user is working from a coffee shop, for example, or for smaller organizations that don’t use SAML.
Workiva offers extensive logging through an easy-to-use console. Users also can set standards for passwords, and opt-in to set up two-factor authentication. This extra level of security requires not only a username and password, but also a unique piece of information only the user possesses, such as a token.
Third-party audits of Workiva security
Security is a responsibility Workiva takes seriously.
Workiva is compliant with AICPA’s SOC 1 and 2 (Service Organization Controls) audits, which examine internal controls over both financial reporting and nonfinancial reporting as it relates to security, availability, processing integrity, confidentiality, and privacy.
Workiva complies with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the General Data Protection Regulation (GDPR).
Ongoing penetration and vulnerability testing is part of operations, and an independent third party conducts these tests twice a year.
In addition, Workiva operates under the Federal Risk and Authorization Management Program (FedRAMP). Workiva has achieved FedRAMP authorization, which signifies an ongoing commitment to meet stringent cybersecurity requirements that will protect the data of government operations, agencies, and departments.
Keep your eye on this blog over the next several months as we examine more reasons companies choose Workiva.
If you don't want to wait that long, request a demo today to learn more advantages of Wdesk and how to use Wdata to bring data into Wdesk.
About the Author
As executive vice president and chief customer officer, Mitz Banarjee is a key contributor to the growth of Workiva’s customer base ensuring satisfaction, experience and retention are best in class. Mitz is an expert in leading teams and brings years of experience working with customers and building Workiva's customer success and services organizations. He joined Workiva in 2010 and has served in various leadership roles ensuring the exponential growth of the global business.
Mitz also oversees the Europe, Middle East and Africa (EMEA) business growth and alignment to company goals that capitalize on the market opportunity. In addition to helping ensure the best customer experience and growth in EMEA, he also oversees the global administrative and facilities function for Workiva. Over the past 20 years, he has helped drive customer satisfaction and customer loyalty at an operational level for technology companies of all sizes.
Prior to Workiva, Mitz was director of client services at Yodle (acquired by web.com), one of the largest local ad networks in the United States. Mitz has a Bachelor of Arts in Information Systems from the University of Lincoln in Lincoln, England, United Kingdom.