Key Security Features for AskMyAdvisor® Members

In an age where data breaches are increasingly common, the significance of robust security measures for our trusted advisor members cannot be overstated.

AskMyAdvisor® is acutely aware of the responsibilities that accountants, attorneys, consultants, financial advisors, realtors, and other trusted advisors bear when handling sensitive client information. To uphold the trust and confidence these professionals have in our platform, we have gone the extra mile to implement unparalleled security measures.

At the heart of our commitment to data protection is the stringent security architecture of our CRM online and mobile platforms. Below is a detailed breakdown.

Key Security Features for AskMyAdvisor® Members, their clients and the clients' COI

Remember, at its core, the AskMyAdvisor® OS is a connector. Our software demands just basic data: name, phone, email, and a Q&A (max 400 characters) to deliver its transformative impact.

Intentionally designed this way, it stands as the sole Client Discovery+Referral Onboarding engine trusted advisors need.

Though some view our security as over-the-top, we opt for heightened protection for our members, their clients, and the clients' COI.


Below is a walkthrough in 5 steps:

  • 1. AWS integration

    Our platform is powered and protected by Amazon Web Services (AWS), a world leader in cloud services. With AWS, data is secured using the most comprehensive security capabilities, ensuring maximum protection.

  • 2. Exclusive Access

    Each member's AskMyAdvisor® CRM - both online and mobile - is only accessible with their unique username and a secure password. This ensures that only the member has access to their data, preserving the sanctity of client information.

  • 3. No External Access

    AskMyAdvisor® has built barriers to make certain that no one else – irrespective of their intentions – can access the data within our CRM. Your data remains your own, always.

  • 4. Continuous Security Monitoring and Upgrades

    Leveraging the power and constant advancements of AWS, we regularly update our systems to stay ahead of potential cyber threats, making sure our security is always a step ahead. We also have integrated overlapping monitoring services to protect our software.

  • 5. Educational Resources

    To ensure that members maintain strong personal security practices, AskMyAdvisor® provides educational resources and best practices. This helps members set strong passwords and recognize potential security threats.


As an innovative SaaS leader, AskMyAdvisor® holds security in the highest regard.

Updated August 2023: Our robust security framework is designed to safeguard customer data both in transit and at rest. With features such as SSL certification and AES-256 encryption, one of the most secure encryption methods available, we work tirelessly to ensure that your data is protected against breaches.

Key components of our security stack include:

  • Committed to Privacy

    AskMyAdvisor® is committed to the protection of customer data both in transit and at rest. Our security measures include automatic SSL certification and the implementation of AES-256 encryption, one of the most secure encryption methods available, to ensure your data is virtually impervious to breaches.

  • AWS Amazon Web Services

    Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster. (Amazon Web Services (AWS), https://aws.amazon.com/what-is-aws)

  • Physical Security

    AWS provides physical data center access only to approved employees. All employees who need data center access must first apply for access and provide a valid business justification. These requests are granted based on the principle of least privilege, where requests must specify to which layer of the data center the individual needs access, and are time-bound. Requests are reviewed and approved by authorized personnel, and access is revoked after the requested time expires. Once granted admittance, individuals are restricted to areas specified in their permissions.

  • SSL Certificate

    The core function of an SSL certificate is to protect server-client communication. With AskMyAdvisor® using SSL, every bit of information is encrypted.

  • TLS 1.3 Encryption

    Encrypts your data using the latest industry-standard protocols to keep your visitors’ information safe.

  • DDoS Protection

    In a DDoS attack, sites are flooded with unwanted traffic and become unavailable. Cloudflare reroutes this malicious traffic to keep your site accessible at all times.

  • Level 1 PCI Compliance

    AskMyAdvisor® complies with the highest global standard for secure online payments, regardless of the payment provider used.

  • Reliable Responsiveness

    AskMyAdvisor® prides itself on unwavering reliability, providing a 99.99% uptime SLA. Leveraging multi-cloud hosting, expansive CDN coverage, and a vast network of servers worldwide, our platform dynamically scales in response to traffic surges.

  • Optimized Performance

    Each AskMyAdvisor® software service is meticulously optimized for Core Web Vitals and rapid response times, ensuring an unparalleled user experience regardless of network, location, or device.

  • SOC-2 certification

    COMING SOON: Although AskMyAdvisor® collects minimal information, making SOC-2 certification not a necessity, we are voluntarily acquiring it to underscore our serious commitment to SaaS security. This fortifies our security structure, kept constant by our dedicated team.

  • Protection against XSS

    Protection against XSS (Cross-Site Scripting). During an XSS attack, the attacker enters JavaScript into your website, usually through a form’s text areas. Whenever new visitors access the affected page or form, the script is executed with malicious impact. Laravel’s inbuilt mechanisms prevent that.

  • SQL Injection

    Laravel’s Eloquent ORM uses PDO binding that protects from SQL injections. This feature ensures that no client can modify the intent of the SQL queries.

  • Vulnerabilities From CSRF

    Vulnerabilities From CSRF (Cross-Site Request Forgery)

    Laravel typically uses CSRF tokens to make sure that external third parties cannot generate fake requests.

  • Laravel Authentication System

    Laravel has a robust user authentication process in place with the associated boilerplate code available in the scaffolding. We do not store passwords in our database, so even if our database were leaked, access to members' accounts would not be.

  • "Is the app encrypted?"

    Absolutely, all the data is encrypted, especially sensitive data like passwords. We also have two-factor authentication for users who want to enable it.

Artificial Intelligence (AI) Usage & Ethics Policy

Purpose

This policy outlines the responsible and ethical use of Artificial Intelligence (AI) technologies within the AskMyAdvisor® platform. The aim is to ensure that AI is used to enhance user experience, automate processes, and maintain the highest standards of data privacy and security.

Scope

This policy applies to all AI technologies deployed within AskMyAdvisor®, including but not limited to machine learning algorithms, data analytics tools, and automated decision-making systems.

Principles

Transparency

All AI systems will be designed to be transparent in their operations, making it clear when a user is interacting with an AI.

Fairness

AI technologies will not discriminate against any user based on age, gender, ethnicity, or any other personal characteristics.

Privacy

All AI systems will comply with data protection laws and AskMyAdvisor's own privacy policy.

Security

Measures will be in place to ensure the security of data processed by AI technologies.

Accountability

AskMyAdvisor® will be responsible for the actions of its AI systems and will provide avenues for redress in the case of errors or issues.

Implementation

Initial Assessment: Before deploying any AI technology, a risk and ethical assessment will be conducted.

Monitoring: Continuous monitoring will be in place to ensure that AI systems are functioning as intended and adhering to this policy.

Updates: This policy will be reviewed annually or as needed to adapt to technological advancements.

User Consent: Users will be informed and must consent to interact with AI systems where applicable.

Audit: An annual third-party audit will be conducted to ensure compliance with this policy.

Compliance

Failure to comply with this policy may result in corrective action, up to and including termination of access to AskMyAdvisor® services.

Review

This policy will be reviewed at least annually to ensure it remains relevant and up-to-date.

By using AskMyAdvisor® services, you agree to the terms outlined in this AI Policy.