How secure is my data?

Our sync model is based on the premise that only the required amount of customer data is stored on our servers. We have our platform hosted on AWS in a PCI Compliant hosting configuration. The information we store is limited to transactional information posted from ConnectWise to your Cloud Accounting Package. We integrate to Xero and QuickBooks online as certified integrators and are subject to review and verification of our platform as part of that certification process. Wise-Sync (and Wise-Pay) hold the highest certification and Audit score possible as part of our integration audit as conducted by ConnectWise.

When using Wise-Sync only, we store only the minimum information required for usage and verification.

The only information recorded in our logs is the batchID, an encoded link (GuiD) to the invoice created in your accounting package and the total of the invoice for verification purposes. This information is non-identifiable to anyone outside of your organisation. The use of this data is to log sync process, performance and provides you with a link to the invoice created (which will only work if you have access to the organisation).

To allow for support, we have implemented a debug logging level to assist with troubleshooting sync issues, and this is visible on your Account Page "debug logging". When this is enabled, we do store more information to enable troubleshooting purposes. You will also have the ability to clear the logs, after the troubleshooting has concluded.

When enabled, and to assist with managing inventory flow from ConnectWise, additional information is logged to provide an audit trail of the transactions processed affecting inventory; again to provide you with this information where required. The information logged includes the details of the invoice and Inventory Movements posted which affect Inventory Values in your accounting package. This was added to allow for investigation resulting from incorrect information posting from ConnectWise.

When Wise-Pay is added (which is an add-on for Wise-Sync), the level of information stored does increase as required to log additional information about the customer and payer. We don't store any information about your customers other than the name, phone and email; and only when they are registered as a payer in the system. All payment data is stored in accordance with PCI compliance, and quarterly audits are carried out by Security Metrics. No card or payment data is stored on our platform as we rely on third parties to store all sensitive payment information.

All other information such as User Account details are all stored in our DB in encrypted stores, and user passwords are hashed and salted.



P
Paul is the author of this solution article.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.