Exact Online API roles and security

From an information security perspective, there is no fully reliable mechanism to guarantee that changes in Exact Online can be prevented under all circumstances when operational control is delegated to Invantive software.

Invantive Cloud was deliberately designed to support both data retrieval and data exchange, and therefore the standard client ID applies to both read and write scenarios.

Even in the unlikely event of a severe security compromise or coordinated coercion of Invantive personnel by an external party, residual risks can be mitigated through strict configuration of user permissions and separation of duties within Exact Online.

Setup

It remains the customer’s responsibility to ensure that the connected Exact Online account and its permissions conform to their internal data governance and segregation-of-duties policies. From a compliance standpoint, the only verifiable and robust method to control write access is to use Exact Online’s native security model:

  • either associate the data container with an Exact Online user account that has no privileges to alter sensitive data, and/or
  • use a public client ID that is limited to read-only OAuth scopes, provided that these restrictions are correctly enforced by Exact Online.

Because the second option is typically more complex and costly to configure, the first approach is generally recommended. In all cases, consultation with the organization’s security officer is advised to confirm compliance with applicable regulatory and internal control requirements.

Audit and Traceability

To our knowledge, Exact Online does not offer users a readily accessible audit trail or a full record of the API calls executed through integrations. For operational assurance, customers can rely on Invantive’s built-in monitoring features, such as the Session I/Os screen, to review and correlate the API interactions that were executed.

Risk Summary

The following is Invantive’s opinion on the risks:

Risk 1: Unauthorized data modification in Exact Online through Invantive software
  • Likelihood: Low. Client credentials and access tokens are protected; only authenticated sessions are permitted.
  • Impact: High. Could affect the integrity of financial or operational data.
  • Residual risk after controls: Low, when using restricted user accounts and/or read-only OAuth scopes.
  • Mitigation measures: Assign a dedicated Exact Online user with read-only rights or minimal privileges.

Risk 2: Compromise of Invantive Cloud infrastructure or personnel coercion (e.g., advanced persistent threat or state-sponsored actor)
  • Likelihood: Very Low. Multi-layer authentication, least-privilege operations, and continuous monitoring.
  • Impact: Very High. Potential system-wide data manipulation.
  • Residual risk after controls: Low, if customers enforce segregation of duties and Exact Online permissions independently.
  • Mitigation measures: Configure Exact Online access with non-privileged users and monitor API usage via Invantive’s audit tooling.

Risk 3: Insufficient audit visibility of API activity in Exact Online
  • Likelihood: Medium. Exact Online offers limited native API logs.
  • Impact: Medium. Delayed detection of anomalies.
  • Residual risk after controls: Low, when supplemented with Invantive’s Session I/Os logging and external monitoring.
  • Mitigation measures: Enable periodic export and review of Invantive session logs.

Based on the current architecture and the available compensating controls, the overall residual risk is considered Low, provided that users:

  • Maintain independent control of Exact Online permissions.
  • Periodically review Invantive’s Session I/Os and associated audit data.
  • Ensure their own security officer validates compliance with internal and regulatory requirements.
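The periodic review of exported session logs listed above is easiest to make routine when it is scripted. The following is an added example, not Invantive's own code: it parses a constructed CSV export of Session I/Os records and flags every call whose HTTP method can modify data in Exact Online, so a reviewer can confirm that a data container meant to be read-only really only issued reads. The column layout (timestamp, http_method, url, status), the division number and the endpoint paths in the sample are assumptions for this example; the real export format is not described on the page. The `allowed_write_paths` parameter covers the data-exchange case, where some write traffic is intentional and should be documented rather than flagged.

```python
import csv
import io
from collections import Counter
from urllib.parse import urlparse

# Constructed sample export of Session I/Os records. The column layout is an
# assumption for this example, not the documented Invantive export format.
SAMPLE_SESSION_IOS = """timestamp,http_method,url,status
2024-05-01T08:00:01Z,GET,https://start.exactonline.nl/api/v1/123456/financial/GLAccounts,200
2024-05-01T08:00:02Z,GET,https://start.exactonline.nl/api/v1/123456/salesinvoice/SalesInvoices,200
2024-05-01T08:00:03Z,POST,https://start.exactonline.nl/api/v1/123456/salesinvoice/SalesInvoices,201
2024-05-01T08:00:04Z,PUT,https://start.exactonline.nl/api/v1/123456/financial/GLAccounts(guid'abc'),204
2024-05-01T08:00:05Z,POST,https://start.exactonline.nl/api/oauth2/token,200
"""

# HTTP methods that can change data on the Exact Online side.
WRITE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}

# The OAuth token endpoint is exempt: a POST here refreshes an access token
# and does not touch business data.
TOKEN_ENDPOINT_SUFFIX = "/api/oauth2/token"


def parse_session_ios(text):
    """Parse a CSV export into a list of per-call dict records."""
    return list(csv.DictReader(io.StringIO(text)))


def find_write_calls(records, allowed_write_paths=()):
    """Return the records that performed a potentially modifying call.

    allowed_write_paths lists URL path prefixes where writes are expected
    (documented data-exchange flows); calls under them are not flagged.
    """
    flagged = []
    for rec in records:
        method = rec["http_method"].strip().upper()
        path = urlparse(rec["url"].strip()).path
        if method not in WRITE_METHODS:
            continue
        if path.endswith(TOKEN_ENDPOINT_SUFFIX):
            continue
        if any(path.startswith(prefix) for prefix in allowed_write_paths):
            continue
        flagged.append(rec)
    return flagged


def summarize_methods(records):
    """Count calls per HTTP method; a non-zero write count on a read-only
    container is the first thing a reviewer should notice."""
    return Counter(r["http_method"].strip().upper() for r in records)


if __name__ == "__main__":
    recs = parse_session_ios(SAMPLE_SESSION_IOS)
    print("calls per method:", dict(summarize_methods(recs)))
    for rec in find_write_calls(recs):
        print("WRITE:", rec["timestamp"], rec["http_method"], rec["url"], rec["status"])
```

Run it against a real export by replacing the constructed sample with the file contents; any line printed with the WRITE prefix is a call the Exact Online user behind the data container was able to make, and therefore a direct test of whether the read-only intent from the Setup section holds.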

For more extensive support regarding security, it is recommended to consult

and where necessary book consulting support.

An article on similar risks through an accounting link (in Dutch) has been published on: