Acumatica for Outstanding Cloud Security

Acumatica Security

A frequent concern that organizations have about moving their ERP to the Cloud is security. And that's a reasonable concern. You may imagine that keeping all your business processes on-premises, using whatever security measures you have established, will keep you secure. However, there is strong evidence that the comprehensive security in Acumatica can make the Cloud even safer than your on-premise operations.

Acumatica follows stringent protocols for security, so your data will be safer in your Cloud ERP than on your personal computers or servers. With Acumatica, protection is included with your Acumatica Cloud ERP subscription. Attempting to match Acumatica's Cloud security on your own can be prohibitively expensive.

Overview of  Acumatica Cloud security

Acumatica security adheres to industry best practices. Proactive protection includes AI-driven threat detection protocols. Here's an overview of Acumatica security:

  • Data security

Acumatica secures your data in several ways. Acumatica's support staff can access data only through the Acumatica office network or its VPN, using secure protocols TLS 1.2 or IPSEC. These controls generate a detailed audit log of support activity, but only with your permission. Your organization controls all database access

All Acumatica personnel undergo strict screening and annual security training to ensure that all security requirements are met. Access to Acumaatica's servers is restricted through stringent control mechanisms and CCTV monitors.

  • Security audits

Acumatica's Cloud xRP platform, AWS, and Azure are subject to strict compliance and security audits, including GDPR protections, international best practices standards such as SSAE and ISO IEC 27001:2013, and SOC 1 Type II and SOC 2 Type II compliance audits.

SOC (Service Organization Controls) compliance audits ensure that service providers, such as Acumatica Cloud ERP, can securely control financial information. The SOC 1 Type II and SOC 2 Type II audits review risks, controls, security, confidentiality, and availability associated with outsourcing services.

Acumatica's successful SOC 1 and SOC 2 audits demonstrate that security in Acumatica meets compliance requirements for financial institutions and other organizations mandated to maintain end-to-end control over data and applications.

  • External access protocols

One of the greatest advantages of Acumatica Cloud is that it allows remote access. But that access is also subject to strict security protocols for external network connections and wireless networks. There are also full security controls for mobile device users and remote workers and fully segmented networks within Acumatica that restrict access to information stored in specific security zones.

Third-party providers that work with Acumatica must meet strict security parameters and be monitored consistently for compliance with information and service delivery security. All shared information must go through a formal data exchange agreement process.

  • Encryption controls

Sensitive data and media processed or transmitted by Acumatica are encrypted to maintain integrity and confidentiality. For sensitive items, such as credit card numbers, social security numbers, names, pay rates, etc.,  security controls in Acumatica automatically encrypt the data, protecting your business in case a backup of yours is lost or stolen.

All calculations, validations, and reports in Acumatica are processed on Acumatica's servers rather than on your computer or browser. That protects your organization from hackers seeking to determine how your system works, and it better protects your data.

  • Password fortification

Password security in Acumatica requires that each user have unique login credentials, and their security permissions are limited to what their role allows. Acumatica allows administrators to set requirements for password complexity and change frequency. You can also set up one-time passwords (OTPs) for better multifactor authentication. Role access is fully customizable on your end.

You can implement multifactor authentication in Acumatica ERP by taking advantage of Acumatica's single sign-on (SSO).  Acumatica ERP supports SSO with Microsoft, Google, and OneLogin multifactor authentication providers.

  • Frequent data backups

Backups are more than a nuisance. They are time-consuming, costly, and fraught with risk. It's no wonder that small to mid-sized organizations struggle to keep up with them.  Today's fast-paced businesses require near-constant backups because restoring even one day's transactions can result in significant downtime.

Acumatica Cloud backs up transactions every 15 minutes and performs full nightly backups, including off-site replication for true data security. Acumatica also performs monthly backup testing, ensures business continuity by replicating to multiple secure global locations, and permits you to create snapshots of your data for offline storage.

  • Layered security

Enterprise-class antivirus, firewalls, and browser-based protection support Zero Trust security methodologies.   Protected source code in Acumatica is only accessible by individuals with a legitimate business need for the data, with sensitive information entirely removed during testing processes. Multifactor authentication allows for remote working from home or around the world. Or, if you choose, limit user access to a physical location or IP address.

  • Patching and updates

Acumatica has a team dedicated to patching and updating.  Fixes are done nearly instantly, so there is no disruption to your business.

Full-stack security covers everything from data to virtual machines and the cloud infrastructure and hardware. Maintaining this level of compliance and security is extremely difficult with on-premises solutions.

  • Active threat hunting protocols

Acumatica's security includes a multi-featured intrusion detection system that uses AI to continually monitor the Acumatica platform and related environments for suspicious activity. Cybercriminals employ a diverse range of tactics to gain access to data and systems. Traditional antivirus applications may only monitor endpoint security.

Malware threats often target small and midsized businesses that may not have the IT budget and resources to keep on top of evolving threats. Acumatica can boost security and save costs.

Why does Acumatica focus on so many levels of security? Because they know that organizations do not have to be large or in a sensitive industry to become the target of ransomware or other forms of criminal attack.

If you've been considering moving to Acumatica Cloud but have questions about the security of your data, we invite you to learn more.

Contact our experts at Dynamic Tech, and let's talk about security and what Acumatica can do for your business.


Since 1996, Dynamic Tech Services, an Atlanta-based national Acumatica partner, has offered consulting and solutions that help clients get the most out of their critical business technologies. As one of the only firms in the world with multiple multi-year Acumatica MVPs (one of whom is a 6-time recipient), we’re the experts to trust for honest Acumatica information.


Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.