How We Protect Your Data
At QTTS, your privacy isn’t just a checkbox — it’s a mission. With data breaches hitting headlines more often than tax deadlines, we believe that real security starts with not cutting corners.
​
🔒 Only 17% of small businesses encrypt their data, and 51% have no cybersecurity measures at all.
— ExplodingTopics.com, 2023​
Let’s just say… we’re not “most businesses.”
​
The founder of QTTS managed a computer forensics lab at the CRA — yes, that CRA. With a decade of experience investigating data breaches, insider threats, and digital evidence, we’ve seen firsthand what poor security practices look like — and what they cost. That’s why everything at QTTS is built from the ground up to be airtight, encrypted, and private.
​
We don’t store your data in the cloud. We don’t take chances. Here’s how we protect you:
​
🔹 How We Store Your Data
We don’t touch the cloud for storage. Ever.
Your data is stored locally on a secure NAS (Network Attached Storage) housed at QTTS. Here’s what that means:
-
Redundant Backup: The NAS runs with mirrored drives. If one fails, the data is still safe on the other. Once replaced, it rebuilds automatically.
-
BitLocker Encryption: Every drive is encrypted — not just the NAS, but the computer hard drives too.
-
Offline Physical Backup: We go further by maintaining a separate offline backup, also BitLocker encrypted. If a disaster strikes, your data is still safe.
​
🔹 Transfer & Access – Encrypted. Temporary. Controlled.
When it’s time to send or receive files, we use Sync.com — a Canadian cloud service based in Toronto, known for privacy-first practices and end-to-end encryption. That means:
-
Files don’t leave Canada
-
Upload links expire quickly
-
Signed forms are handled with the same encrypted protocol
-
Once we’ve filed your return, you’ll get 72-hour access to your finalized documents — then, they’re removed.
No lingering files. No permanent cloud storage. No “oops.”
​
🔹 What Happens to Backups & Old Drives?
When drives get full, we don’t toss them or store them in a shoebox. They’re:
-
Labeled clearly
-
Stored in a fireproof, waterproof safe
-
Retained only as long as required by law
-
Tracked in a destruction schedule so we know exactly when to securely wipe and retire them
​
🔹 Why This Matters
🧯 54% of companies store financial records in the public cloud, and many of them don’t disclose data breaches to their clients.
— ExplodingTopics & ScienceDirect​
That’s terrifying. It’s also standard in the industry — especially with large firms that value volume over client trust. At QTTS, we choose to own our infrastructure, encrypt everything, and be transparent about it.
​
We don’t gamble with your privacy. That’s our promise.
​​
📎 Sources: