I’ve brought this up with repairshopr and syncro multiple times, but no resolution has been given.
Issue: by default all customers have a portal that is open, not password protected, and has a URL that works for anyone who has it. I don’t know about you all and how your businesses work, but even though we try to never have passwords in tickets it sometimes still happens, and even if there are no passwords, some of the things discussed with owners/management about shutting off access for employees or monitoring people or other things is very sensitive info that seems dumb to just have available to all by default. And for outside people to have access seems even worse.
Scenario 1: A customer emails a ticket in and CC’s their vendor/customer/anyone. Once you respond to them their vendor/customer/anyone now has a link to look at every single ticket/invoice/etc for that customer that has ever been made, or will ever be made.
Scenario 2: A customer’s employee who is a contact on the customer leaves their employer; they can still use a URL from any ticket you’ve ever sent to see tickets/invoices/etc. for their ex-employer forevermore.
Scenario 3: All employees of a customer that submit a ticket have access by default to view all tickets/invoices/etc that have ever been made for that customer.
These links by default give access to an entire customer’s record; by default there are no credentials required or validation done. Literally anyone who either has (or guesses) the link can access it. There is still no way to turn off the portal by default on all customers, or even just on any new customer. The only way to do this is to turn on the portal and then give “no portal access”. But the dumb thing is that this generates an email to the primary email address asking them to “setup a portal user” even though they can’t.
Am I just over-reacting at the huge amount of information that is available by default?
I think you want to look at adding portal users. Then they’ll need to physically log into the portal, and you’ll also be able to assign them permissions so you can set the scope of what they can see (Invoices, Assets, Tickets, etc. and also View Mine or View All).
We have close to 700 customers, so that’s quite an overwhelming/impossible task.
The question still stands of why can’t we turn this off by default. And why we can’t bulk turn it off without it generating an “invitation” email.
Are you just asking then to be able to disable the Customer Portal globally across all customers?
No you are not over reacting @anon47640642 . This is bad. I wish I had realized this security hole during our trial. All sorts of info can be in tickets, that could be used to phish an organisation that is a customer.
Not a solution. We recently imported our customer list from Quickbooks in preparation for using Syncro for Ticketing and invoicing. Result is 1300 customers.
Now there is no way we will use Syncro for ticketing, charging and invoicing. All the work on the PSA that you are currently doing has no value to me now.
Yes please. How can we do this quickly?
In the meantime, I have deleted all the existing tickets that I had created. They were all duplicated in RangerMSP anyway, while I was getting used to the Syncro way of doing things. This is all such a shame as I really loved the worksheet features that integrated with ticketing so well.
I would also like to please be provided the webserver log entries for all unauthenticated access attempts to access my SyncroMSP Tenant. I will log a support request for this data.
You can edit the email templates by going to the Admin Settings > Syncro Administration > PDF/Email Templates > Email Templates and then you can edit the ticket-related ones and remove the Online Profile link if you aren’t intending on using the Customer Portal.
Also, besides removing the portal link from emails (you’d probably want to do this regardless, though), you can also change the permissions of what “non-portal users” (users without portal logins) can do, including being able to view the portal at all. Go into Admin Settings > Customers > Portal User Permissions Groups and then edit the “Non-Portal Users Group”. You can limit what they can see, or you can disable access to the portal entirely and they’ll see an authorized message if they click the link (which is why it’s probably best to do this in conjunction with removing the link from the email template).
This is basically what I did from day one. Edited the templates and set the permissions for non portal users to essentially nothing.
So if I am understanding correctly, even if you don’t have a portal link (auth), if you “guess” the correct link, anyone could access personal customer information? Yeah, that would seem like a very BIG oversight!
I’ve limited it to “Customer Portal - Access” and “Tickets - Create New”. Then users can still create new tickets, but no one can use the online portal to view a list of tickets no matter what the status is.
However, doing this does display an ugly error when a ticket is created in the portal.
On the plus side, now that the “Non-Portal Users Group” only has those 2 permissions, if the link in the ticket-created email is clicked, the browser displays a Sign in prompt.
Therefore it appears that tickets cannot be publicly accessed anymore.
Not long after we started with Syncro we highlighted to all our customers that they could create tickets and chat to us.
If I now say, you can no longer open tickets, I am going to have to explain why.
I’m feeling a little more comfortable with these config changes; however, there is room for improvement, and I’ll log some feature requests for those.
Glad this largely solved the core issue. Having customers opening tickets on the portal but not being able to view them on the portal might be inopportune. You might want to look at them moving to an Agent Contact Form from the tray instead if you aren’t going to have them opening tickets directly via email as the primary intake method. That or weaning customers as needed onto the portal using portal logins. It really is a powerful tool.
Still think that the default SHOULD NOT be an open registration link… I do think it’s important for security, and for the names of both the Syncro company and our own companies, to have EVERY possible hole plugged. So in the modern day, there SHOULD NOT be an open register link any longer. Why is there not a registration button and system in place for that? More traditional… Each Syncro subdomain gets a portal system, and company.syncromsp.com/portal lands on a general login page as it does now, with a register button. This register form checks the Syncro system and ONLY allows registrations of the confirmed email given when the acct/ticket was created. That would then limit random spam BS. If they have an issue, they call us and we manually register the account and have them reset the password, yada yada.
Not at all crazy. @revivaltechrepair
There is no excuse for the default settings being the way they are. They are terrible.
We use CloudRadial, integrate it with Syncro, and then changed the portal URL to be our CloudRadial portal. This way our clients have access to all their tickets through their CloudRadial (CR) portal and all the other features that come with CR. And we’ve locked down Syncro “non-portal users” as well.
We did the same, although we never intended for the portal to be used from day one as it would be a massive pain creating all the users. (I did make a feature request for an AAD integration.) But F, that wouldn’t be coming any time soon.
But for sure, this definitely should not be the default.
I have never used the portal and removed the link to it from the email templates early on. Can someone share the URL format to a customer’s portal so I can see what this looks like?
Also, in removing the ‘Non-Portal Users Group’ permissions, it won’t let me save the changes unless at least 1 item is checked. Is there no way to uncheck everything?
Good luck guessing the link really… the default link still needs a generically created portal key of which you do not even get to see…
The only way people can get to it is if you leave the Portal Link in your Default email templates (which honestly, people should be checking to see if they are suitable to their businesses needs first anyways)
AND if you did not setup how you wanted your portal access to function in the permissions. (which again people should also be checking at the start)
Both of these items are covered in the setup and the guides and it works great if you have things setup correctly.
We use this Portal system and it’s great (but with modified default portal access levels); however, it would be nice if there was a “Default Portal Mode” setting in the Settings menu and/or a “Select Portal Mode” per customer that could be a drop-down to select between
‘Disable Portal Access’, ‘Portal_Key Access’ and ‘Portal Users Access’.
Currently there is only an ‘enable portal user’ which stops the ‘portal_key’ auto login from being the link and makes that customer be prompted to login instead.
If it functioned this way, then the email templates that have a portal link could just hide it if the customer’s ‘disable portal access’ was toggled, or use the correct link for the mode as it does currently.
And for security conscious people new to Syncro, the default setting on a new instance could have ‘disable portal access’ as the default perhaps.
Win, win for everyone that way.
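The per-customer portal mode and the "hide the link when the portal is disabled" template behaviour proposed in the post above, modelled as an added example. This is not Syncro's code or anyone's in this thread; `PortalMode`, `Customer`, `Request`, `can_access` and `ticket_email_link` are hypothetical names, and the customers at the bottom are constructed sample data. It shows the point the thread circles around: a bare key in a link is a bearer credential, so whatever the "non-portal users" group is allowed to do is what any link holder can do, while a named login is scoped to its own permission set.

```python
"""Hypothetical access-policy model for a customer-facing PSA portal.

Illustration written for this discussion, not Syncro's implementation.
Every class and function name here is an assumption.
"""
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, FrozenSet, Optional, Tuple
import hmac


class PortalMode(Enum):
    DISABLED = "disable_portal_access"     # no portal at all for this customer
    PORTAL_KEY = "portal_key_access"       # bearer link: anyone holding the key gets in
    PORTAL_USERS = "portal_users_access"   # named logins with scoped permissions


@dataclass
class Customer:
    name: str
    portal_key: str                        # secret embedded in the emailed link
    mode: PortalMode
    # what someone arriving with only the key (no login) may do
    non_portal_user_perms: FrozenSet[str] = frozenset()
    # per-login permission sets for named portal users
    portal_users: Dict[str, FrozenSet[str]] = field(default_factory=dict)


@dataclass
class Request:
    action: str                            # e.g. "tickets.view_all", "tickets.create"
    portal_key: Optional[str] = None       # key parsed from the URL, if any
    user: Optional[str] = None             # authenticated login, if any


def can_access(customer: Customer, req: Request) -> Tuple[bool, str]:
    """Decide whether req.action is allowed on this customer's data.

    Returns (allowed, reason); the reason is what you would want in the
    access log to tell key-based hits apart from authenticated ones.
    """
    if customer.mode is PortalMode.DISABLED:
        return False, "portal disabled for customer"

    # A named login is always scoped by its own permission set.
    if req.user is not None:
        perms = customer.portal_users.get(req.user)
        if perms is None:
            return False, "unknown portal user"
        if req.action in perms:
            return True, f"user {req.user} permitted"
        return False, f"user {req.user} lacks {req.action}"

    # No login: only key mode accepts a bare link, and only with the
    # non-portal-user permissions (the group the thread recommends trimming).
    if customer.mode is PortalMode.PORTAL_USERS:
        return False, "login required"
    if req.portal_key is None or not hmac.compare_digest(req.portal_key, customer.portal_key):
        return False, "missing or wrong portal key"
    if req.action in customer.non_portal_user_perms:
        return True, "portal key permitted"
    return False, f"portal key lacks {req.action}"


def ticket_email_link(customer: Customer, base_url: str) -> Optional[str]:
    """Render the ticket email's portal link, or None to omit it entirely.

    Disabled -> no link; portal-users mode -> plain login page (no key);
    key mode -> the bearer link, which is the case to be deliberate about.
    """
    if customer.mode is PortalMode.DISABLED:
        return None
    if customer.mode is PortalMode.PORTAL_USERS:
        return f"{base_url}/portal/login"
    return f"{base_url}/portal?key={customer.portal_key}"


if __name__ == "__main__":
    # Constructed sample customers, one per mode.
    acme = Customer("Acme", "k-123", PortalMode.PORTAL_KEY, frozenset({"tickets.create"}))
    beta = Customer("Beta", "k-456", PortalMode.PORTAL_USERS,
                    portal_users={"alice": frozenset({"tickets.view_mine"})})
    gamma = Customer("Gamma", "k-789", PortalMode.DISABLED)
    for c in (acme, beta, gamma):
        print(c.name, ticket_email_link(c, "https://example.invalid"))
        print("  key holder viewing all tickets:",
              can_access(c, Request("tickets.view_all", portal_key=c.portal_key)))
```

Read `can_access` top to bottom against the three scenarios in the opening post: with `PORTAL_KEY` and a permissive non-portal group, the CC'd vendor, the ex-employee and every current employee all get whatever that group allows; trimming the group to "create" only, or moving the customer to `PORTAL_USERS`, is what closes it.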
Unfortunately, if there is a will, there is a way. I can think of a few right off the bat with just some social engineering at play that wouldn’t really require much guesswork. With that said, we are making steps to move away from the default behavior so this doesn’t become a problem in the future.