+1 570-572-0296 contact@cpasupportdesk.com
Security & Trust

Practical controls for CPA firm client work.

CPA Support Desk is designed around firm-level and client-level separation, role-based access, activity history, and controlled document workflows. This page summarizes the trust controls we use without making unsupported certification claims.

Start Free Trial Talk To The Team

Workspace Controls

Data is organized around firm and client context.

Each accounting record is tied to a company and client workspace so firm owners, clients, and employees can work from scoped views instead of shared folders or email threads.

Client Data Separation

Invoices, purchases, expenses, ledgers, cash reconcile records, reports, activity entries, and requests carry company and client identifiers.

Role-Based Access

Admins manage their firm workspace, clients see their own workspace, and employees are scoped to assigned client workspaces.

Firestore Rules

Security rules enforce signed-in access, company matching, client matching, and allowed update fields for sensitive workflows.

Document Controls

Documents are stored through Firebase Storage workflows with upload limits and image compression support for safer, faster handling.

Operational Trust

Built for review-first accounting work.

Activity History

Key events such as uploads, invoice edits, payment changes, QuickBooks publish attempts, and service request updates are recorded in recent activity.

Review-First QuickBooks Publishing

Records are published to QuickBooks only after a user reviews the invoice detail and chooses to publish manually.

Support Request Context

Bookkeeping, payroll, reconciliation, reporting, and cleanup requests are tied to the right client workspace so context stays clear.

NDA-Covered Support

Back-office support work should be handled under confidentiality expectations and reviewed by the firm before client-facing decisions.

Important Note

Certification language.

Is CPA Support Desk claiming SOC 2 certification?

No. This page describes practical product controls and operational safeguards. We do not claim SOC 2 certification unless a formal certification is completed.

Can CPA firms review access and activity?

Yes. The portal includes role-based workspace access and recent activity views so teams can review important changes.

Next Step

Discuss your firm’s workflow and trust requirements.

Tell us how your firm manages client records today and what controls matter before you move work into CPA Support Desk.

Talk To The Team