Keeping Your Billing Data Secure
TimelyBill focuses on cybersecurity, risk mitigation, and locking down our infrastructure.
TimelyBill's commitment to a security framework aligns with Zero Trust principles. This helps us build customer confidence as we expand into additional markets. As we continue to build on our reliable reputation, these security measures help set us apart from our competitors.
TimelyBill is certified in the following compliance and regulatory frameworks:
Annual SOC 1 Type 2 Audit
For more than a decade, TimelyBill has earned System and Organization Controls (SOC) certification.
- Marcum LLP, an independent, certified accounting firm specializing in SSAE 18 audits, conducts this audit. They examine TimelyBill's controls related to network connectivity, firewall configuration, computer operations, database access, data transmissions, backup, software development, and other areas of our system.
- We continually demonstrate that our policies, procedures, and operations meet or exceed the stringent SSAE 18 criteria.
Annual PCI Compliance Attestation
We also receive annual attestation of compliance with the Payment Card Industry Data Security Standard.
- This self-assessment helps us evaluate and report compliance with PCI DSS. The report documents our security posture and whether we have taken the necessary steps to protect cardholder data.
TimelyBill uses modern, US-based hosting facilities and network infrastructure:
State-of-the-art data centers are located in Las Vegas and Atlanta.
TimelyBill serves up its cloud-based software from Tier 5-rated data centers.
- A Tier 5 data center is considered to have features that exceed those of a Tier 4 facility, including more robust redundancy, advanced cooling systems, and heightened security measures.
- These facilities are built to maximize uptime, making TimelyBill an always-on application. Our hosting environment uses a redundant server infrastructure, networking devices, and disk subsystems.
High Availability
TimelyBill customers have both production and stage database instances.
- These are unique to a customer and not shared. A third database instance operates in a separate virtual machine as a synchronous replication of the primary database.
Data Security
Our data protection includes failover clusters, backup transaction logs, daily offsite backups, anti-malware protection, file encryption, file integrity monitoring (FIM), and two-factor authentication (2FA). All data is stored and processed exclusively within the United States.
Proprietary Code
Our software is a proprietary solution and is not open source. This ensures we maintain complete control over its development, security, and support to meet your needs.
Additional Safeguards
We use additional layers to protect customer data, including IP filtering, SSL, and VPNs. TimelyBill prioritizes data security and maintains a strong defense against potential threats by implementing these safeguards.
See related post: "Be Prepared: Ransomware and Software Safety"