CIA Software is GL-backed financial software handling real PII and real money. Security isn't a feature page, it's the architecture.
The app runs on Cloudflare's global network and stores everything in one encrypted, authoritative database. No financial value lives in a form control or a local cache. There's no back-room server to be breached, ransomwared, or left unpatched.
Admin, Manager, Supervisor, Agent, CSR, and Accounting each carry a precise permission matrix. Authorization is checked on every request in the API, never hidden in the front end where it can be bypassed.
Non-privileged users see only their own agency and branch. The scoping is injected into every query, so a user can't reach data they aren't cleared for, even by guessing a record ID.
Credentials are hashed with a modern key-derivation function, never stored in the clear. Legacy passwords from your old system are never migrated; users set fresh credentials on cutover.
Every create, update, and financial posting is stamped with the user and timestamp and written to an activity log. Who changed what, and when, is always answerable.
Migrated AR, GL, and finance balances are recomputed and reconciled to the cent against your source data before go-live. PII is encrypted at rest and access to production loads is tightly restricted.
Server-side sessions with idle timeout. Close the laptop and walk away, the session does too.
Every financial mutation runs inside a transaction that must leave the ledger balanced. A posting that doesn't tie out is rejected, not quietly saved. Integrity is enforced, not assumed.
