Timesite Pro has recently been certified with ISO 27001.
ISO 27001 is the international gold standard for information security management. It is the benchmark in cyber security and proves the strength of our security status and for customers in global markets.
Why is this relevant to you?
CyberCX, a leading provider of professional cyber security and cloud services across Australia and New Zealand states “ISO27001 is a key plank to ensuring trust across the spectrum of stakeholders in the information technology industry and broader economy/community.”
ISO 27001 is important whether you be a consumer, business or member of society.
For consumers: Proof that we have adopted the International Standard helps reassure consumers that products, systems and organisations are safe, reliable and good for the environment.
For businesses: International Standards are a strategic risk management tool that communicates measures of a global acceptance and adherence to key business practices.
For society: Standards improve safety, quality and environmental outcomes as well as encouraging international trade and governance around privacy and security of information.
Why is ISO 27001 important?
Having an international standard for information security allows a common framework for managing security across business and across borders. With an ever more connected world, the security of information is increasing in importance.
Data and information needs to be safe, secure, and accessible. The security of information is important for personal privacy, confidentiality of financial and health information and the smooth functioning of systems and supply chains that we rely on in today’s interconnected world.
ISO 27001 provides the framework for you to effectively manage risk, select security controls and most importantly, a process to achieve, maintain and prove compliance with the standard.
Adoption of ISO 27001 provides real credibility that you understand security and take security seriously.
As well as protecting your data from external threats, the certification has three main information security objectives, ensuring:
- Only authorised users can access information
- Only authorised users can change and share information
- Your information is securely accessible by authorised users
The ISO 27001 certification follows a rigid framework – which includes policies, processes and data controls – and is subjected to regular quality checks as well as independent audits. To become an ISO 27001-certified organisation, a company must prove high safeguard levels are in place for customer, partner and company data. This includes:
- Proving potential damages are mitigated
- Security breaches are unlikely
- Potential threats are down and eliminated in their early stages
Other measures adopted by Timesite Pro to enhance your data security
In addition to our ISO 27001 certification Timesite Pro uses a multi-tenant approach. This means your site has its own database and own copy of our platform software. For businesses located in Australia, New Zealand and PNG all of this data is stored in Amazon's Sydney data centre.
- If a timesheet record is changed from one project to another and authorisation is active rehome the timesheet record if applicable.
- Add support for break start/end and paid/unpaid breaks in the timesheet txt import process.
- The timer add time to records process was broken - it has been fixed.
- Add ability to include part of an unpaid break as paid.
Mobile App & Kiosk
- Change the kiosk pin field to a string.
- Move kiosk events to the server so all devices logged in as a kiosk can share these events.
- Add more properties to the UserKioskEntity to support changes in the mobile apps.
- Make sure the web app dashboard kiosk screen correctly syncs with the mobile app kiosk screens.
- Add support for mobile apps to use microsoft Azure to login.
Awards / Rules Engine
- Implement in engine V2 a new payrule type call consecutive, this will deal with not enough break time between shifts.
- Add the ability to the award engine to use the last applied rule to determine the next rule for total time and consecutive shift calcs.
- Begin adding the feature to send award records via advanced sync
- Updates and improvements to the V2 award engine.
- Add an external id to the award codes, expose this id value via the timesheet export process. This is used by adventure world.
Modify the total time rule and V2 engine to support selecting days to use to include in total time calcs
Exporting and Importing
- Resolve issues with the project import process via txt file.
- Change all the API endpoints to use https.
- Add the ability for the award engine to deal with including x minutes of a break as paid.
- Add the ability when importing timesheets to add or update if an external record id is supplied.
- add tasktype category and task type to the export detail screen - only show with the timesite support login.
- Add more filters to the timesheet export screen: only authorised and only reviewed.
- Add the ability to use a delimitator in the project item name field and to specify the corresponding element to use to match with MYOB advanced. tasks - this only applies when the system setting to match project items with myob tasks instead of tasks with myob tasks.
- Add option for MYOB Advanced to only sync reviewed records.
- More work on sending timesheet records to payroll metrics.
- show project and task code values in the admin screen if MYOB advanced is enabled, regardless of the setting to show these fields.
- Add the ability for timesite to match with MYOB AR customers via card id.
- Add the ability to import the MYOB Adv project address details when importing projects.
- Ensure we only deal with active myob adv customer, project and employee records.
- Allow importing of tasks to auto create or update based on a user defined field value.
- Improve perfomance of webhook processing
- Update the timesheet export process to support external keyid value and inser/update records based on this key
- Add option to MYOB advanced import of projects to also setup a geofence based on the projects address.
- Update enquiry and enquiry details screens so when they export to excel daily dates are formatted as excel dates.
- Tidy up the filters section of the export screen.
- Lift all required code from MT.Internal (ValidateService, LicenseDALC, RegisterDALC and place in DALC.Common AdminDALC. This is to remove the requirement to maintain MT.Internal web services.
- Remove the timesiteservice reliance on MT.Internal webservices.
- Improve the performance of the Lnk Screen, this involves various changes.
- Resolve issue with QuickSetup.
- Add the ability to print the message log and to specify the date from and date to.
- Change faceid from a unique key to a bool to indicate face id has been registered.
- Begin addition of webservice method request logging via serilog and sending to seq. This provides much more accountability over the whole platform as it records every request for data from the database.
- update change password code so messages are sent asap instead of waiting for up to 30 seconds to be sent.
- Move the azure AD setup variables out of the web configs and into the db.
- Begin to add the ability to set those addresses as geofence locations when importing them.
- Implement SEQ logging for all webservice method calls.
- Improve performance of getSetting thruout web and mobile apps.
- Add a faceidnotregistered method for the mobile facerec implementation.
- Retire FindSystemSettingAdminBKey.
Bug we have fixed
- Improve the TimesheetItem Audit screen.
- Improve scheduler perfomance for a couple of the events such as processandstoreemails, helpdesk etc, all resulting from review of SEQ logged data.
- Improve the error reporting for MYOB Advanced when exporting to Payroll.
- Tidy up the code in the email setting page, spend more time of 365 email integration.
- Resolve decrypting issues with license keys, these resulted from moving code out of web services and into the main app.
- Resolve numbering issue where some variables were still int and should have been decimal due to the id values getting so large, these issues manifested in incorrect budget screen layouts and i suspect in many other places as subtle errors.
- Resolve an issue where user entitlements were not being displayed correctly.