Not every email address is accepted, nor every origin is accepted when signing up for Invantive Cloud and on-premises products like Invantive Control for Excel.
Invantive products are mainly used to process financial data of tens of thousands of companies. Financial data often has a temporarily or permanently confidential character, so it cannot be shared with everyone (“confidentiality”). In addition, payroll data from many companies is also processed.
We expect users to identify themselves given the nature of the data.
Therefore, among other things, we require an email address that is for business use and traceable.
In the rest of this article you can read the backgrounds. Are the backgrounds unclear, incomplete or inconsistent? If so, please leave a reply.
For dealing with confidential data, a number of approaches have proven themselves even before automation was invented. Today’s “information security” is an almost 1-to-1 translation of “keep under lock and key” from the old ledgers:
- no one can read a ledger through the doors (confidentiality),
- no one can change the ledger without access to the key (integrity, 4-eyes, as long as the cabinet is well made and has a then state-of-the-art lock on it), and
- they are also available (availability, as long as the housing - as happened in every city up to a hundred years ago - did not fall victim to a fire).
From the point of view of information security and Know Your Customer Invantive has chosen to include provisions in the process so that we can determine by whom what and when something has been done, and - where feasible - make unauthorized use more difficult.
This focus on monitoring starts upon first use and is largely automated. The two measures described here are excluding countries and non-reducible email addresses.
We exclude connections originating from countries with limited law enforcement or legislation. To prevent usage from being non-traceable, we also do not allow, for example, connection techniques such as anonymous VPN or Tor where it is unclear where a user is or who it is.
For the same reason, we also require users to use email addresses that are easily traceable to a legal entity. The use of email addresses such as
email@example.com has therefore been made impossible as far as reasonable possible. The use of e-mail addresses that can be used to conceal one’s identity, such as
firstname.lastname@example.org, is also hampered as much as possible.
An understandable concern when entering traceable contact information is how the data will be used. Invantive does its best to work from your interest and not to “stalk”. Apparently this works out well most of the time.
Please consider leaving concerns explicitly as an independent Google review should you experience that entrusting the e-mail address and/or personal data to Invantive was not justified. This way you help us with socially desirable behavior.
Not every business owner or accountant has the same security needs. This can be perfectly legitimate; not every type of data needs to be protected equally extensively. The controls on the Invantive products can be frustrating. Should you experience problems due to the security policy, please create a topic with your problem and explanation, or leave a reply.
It may happen that the chosen security model can not be made to fit even with explanations and/or help. In that case, we recommend that you also consider alternative providers. Some providers may be more flexible in responding to different needs.