Security you can put in front of finance.
InvoicePath handles invoices, supplier details and accounting data — so security isn't a feature, it's the foundation. Here's how we protect it.
The essentials, done properly.
Encryption
Data is encrypted in transit (TLS) and at rest. Sensitive credentials and tokens are stored encrypted.
Least-privilege access
People and systems get only the access they need. Integration scopes are kept to the minimum required.
Secure integrations
Connections to QuickBooks, Xero, Google and Microsoft use OAuth — we never store your third-party passwords.
Isolation
Customer data is logically separated so one tenant's data is never exposed to another.
Auditability
Captures, edits, approvals and postings are logged with timestamps for a complete trail.
Backups & recovery
Data is backed up so a bad day stays recoverable, with restores tested.
Operational discipline
Reviewed access
Access to production is restricted, authenticated and periodically reviewed.
Vetted sub-processors
Third parties that touch data are vetted and bound by data-protection terms.
Patching & monitoring
Systems are kept current and monitored for unusual activity.
Incident response
We have a process to detect, contain and notify in the event of a security incident.
Data minimisation
We collect and retain only what's needed, and delete on request where we can.
Adjust these claims to match what you actually do today, and add certifications (e.g. SOC 2, ISO 27001) once achieved. Don't state controls you don't yet have.
Questions from your security team?
We're happy to walk through how InvoicePath handles your data. Book a call or email us.