Revenue Grid Privacy and Security

We’re always focused on your information’s security and privacy. That’s why we perform security reviews on every phase of product development, from design to deployment. In addition to conducting peer reviews and automated tests, we ensure the physical security of our certified data centers, go through independent audits, and comply with international data privacy regulations.

img-security

  • img-iso
  • img-privacy-shield
  • img-gdpr
  • img-penetration-tested

Overall, this was a very straightforward test.
Your environment is well locked down and secure

Steve Vasconcellos

Director IT Security Services, Clark Number

Privacy

  • No stored data

    We never store any of your Salesforce, Exchange, or Google data. We only transfer your information (e.g., your contacts, emails, etc.).

  • GDPR

    We are compliant with the EU’s General Data Protection Regulation (GDPR).

  • Secure by Design

    Our product design, implementation and maintenance processes are tailored to protect your data.

Security

  • Single Sign On

    We support any SSO options that our customers use for Salesforce, Microsoft Office 365, and Google accounts, minimizing risks of password cracking.

  • OAuth 2.0

    We support OAUTH 2.0 flow for user authorization to Salesforce, Microsoft Office 365 and Google accounts, and we do not store user credentials.

  • ISO 27001

    We undergo an annual independent audit to stay ISO 27001 certified.

  • External Penetration testing

    A reputable external entity performs penetration testing twice a year.

  • Access Control

    Access to user configurations and data is on a granular level and is built around the concepts of permissions, roles, principals, resources and authorizations.

  • Tenant Isolation

    Our products can be deployed in multi-tenant mode, which keeps customers’ configurations and data separate at the application and database level. Users can also deploy our products in private tenant configuration, which separates customer data from any other data.

Data Protection

  • Access to data

    Access to data is managed through registered applications on Salesforce and Office 365.

  • In-transit encryption

    Information exchange and user interactions are encrypted with SSL.

  • Data-at-rest encryption

    Configuration data is encrypted while stored in a physical database.

  • Secrets management

    Secrets (tokens, passwords) are encrypted on applications, using keys stored separately from the database. APIs are built to ensure that secrets never leave our perimeter.

  • Data backup and point-in-time restore

    Configuration data is continuously backed up. We create multiple copies to facilitate point-in-time restore.

  • Data isolation

    Synchronization data for different customers is physically isolated, which guarantees that there will be no information leaks between customers.

Infrastructure

  • Data centers

    Our products are hosted in Microsoft Azure data centers.

  • Security Updates

    Our products operate as managed cloud solutions and include automatic updates and security patches.

  • Firewalls and network access

    We run the service in a secure network with limited and audited external access.

  • Monitoring

    The instances are constantly monitored for availability and errors to ensure highly available and reliable service.

Dedicated to security

Our security team is constantly working on improving the security and privacy of your information. We are currently in the process of attaining other security certificates.

If you have any questions about the way your information is protected or about other security matters, please contact us at [email protected]

close
Search
Generic filters
expand_less