Application Security
- Secure OAuth 2.0 for all third-party integrations (QuickBooks, Xero, Plaid)
- We never store your third-party login credentials
- API authentication with signed tokens and rate limiting
- Input validation and sanitization on all data entry points
- Protection against OWASP Top 10 vulnerabilities
- Regular dependency scanning and security patching
AI & Data Processing Security
Our AI analysis engines process your data within our secure environment. Your financial data is never used to train models for other customers. Each customer's AI context is completely isolated.
- Your data trains only your models and insights
- AI processing occurs within encrypted, isolated environments
- No customer data is shared, aggregated, or used across accounts
- All AI outputs are generated in real-time and not stored beyond your session unless explicitly saved
Business Continuity
- Automated daily backups with 30-day retention
- Geographic redundancy across multiple data centers
- Disaster recovery with less than 4-hour recovery time objective
- Documented incident response procedures and escalation protocols
- Regular disaster recovery testing and simulation
Responsible Disclosure
We take security vulnerabilities seriously. If you discover a potential security issue, please report it responsibly to security@f1rstcfo.com. We commit to acknowledging receipt within 24 hours and providing a timeline for resolution.
Questions?
For security inquiries, compliance documentation requests, or to report a vulnerability:
Email: security@f1rstcfo.com