Privacy and Security¶
We take our customers’ data privacy and security very seriously. For this reason, we adhere to the following basic principles to protect customer data:
- We never share our customers’ personal or business data with third parties
Revenue Engage never stores any of your Salesforce or MS Exchange/Office 365/Gmail data, such as contacts, emails, calendar items, etc. The relevant data is only discreetly transferred through the cloud app, temporarily cached in secure MS Azure servers’ memory and is never written to any persistent storage nor transferred outside of the established secured infrastructure. Essential exceptions to this principle:
- What data is temporarily cached for logging purposes by Revenue Inbox: 1. identifiers and last modified dates of the records processed by Revenue Inbox sync; 2. the names of records with which the Sync engine had issues, solely to indicate them to the end users and Admins in sync error notifications; 3. Revenue Inbox Meetings Scheduler temporarily keeps specified slots and spans to build selection tables for the recipients.
- Unlike Revenue Inbox, Revenue Engage has to store specific customer and communication data which is required for performing its sales engagement and communication automation functions: the users’ email correspondence history and contacts imported from Salesforce are securely and discretely kept on Revenue Engage’s MS Azure servers.
Any personally identifiable information which gets transferred through our servers is secured with industry standard protocols and encryption technologies; more on this below.
Privacy shield certified
ISO-27001 (information security management) certified
With over 13 years of experience of building and implementing successful enterprise solutions, we know very well that email correspondence and CRM data stand among the key assets of any modern business. For this reason handling all communications between your email and CRM systems and Revenue Engage with maximum security is our topmost priority.
We follow a multi-level layered approach, which is continuously updated with the latest technologies to ensure the highest level of security for our customers’ data, from complete physical security of Microsoft certified data centers we use to secured access authorization procedures for the end users (see below) and the latest encrypted data transfer protocols.
Revenue Inbox Sync component, also used in Revenue Engage’s architecture, is built as a scalable customized Microsoft Azure service which supports geo-distributed data centers and provides the highest levels of availability and resilience; it matches Microsoft’s standards for secure applications.
The Sidebar widget component of Revenue Engage is a web rendition of an MS Outlook add-in verified by Microsoft that works directly with users’ email and CRM data, also displaying relevant information for the end users and conveying their inputs, actions, and choices to Revenue Engage, email server or Salesforce.
All RE end users follow the most secure access authentication procedures:
Using OAuth 2.0 to grant MS Exchange data access, with optional fallback to login/password authentication for legacy MS Exchange servers
Granular Access Control¶
Our app’s access to user configurations and data is built on granular level, it is based on the concepts of Permissions, Roles, Principals, Resources and Authorizations:
- All data views, transfers, or other related actions are controlled by structured permission rules
- Combination of Permission sets into Roles allows to define allowed operations scopes very specifically
- In RE data access architecture, assigning of Principals, Roles for specific Resources access, results in granting of the minimum required permissions level for performing of very specific tasks
This access control policy covers all Revenue Engage users, including Invisible.io Admins: Sales, Support and Customer Success teams, to ensure that the customers’ data is accessible only by the entitled end users.
Revenue Engage ensures multi-level protection of sensitive data from accidental or malicious loss, whether in transit, at rest, or on the go. Among standard techniques, that includes:
- Access to Salesforce, Office 365, and Gmail data is performed through certified apps on respective services
- In-transit encryption: all data transfers between Salesforce/Microsoft Exchange or Google servers as well as user interactions with them via RE are encrypted with TLS protocol
- At rest encryption: all relevant configuration data is encrypted in rest state on physical storage database level
- Secrets handling: all used access secrets (tokens, passwords) are additionally encrypted on application level using keys transferred separately from the data. Furthermore, RE API connections are designed in such a way so access secrets never leave Revenue Engage perimeter
- Data backup and point-in-time restore: users’ and orgs’ configuration data is continuously backed-up automatically; it is kept as multiple copies, ensuring the possibility to do a point-in-time restore
- Data isolation: server-side synchronization of data of different RE users is logically and physically isolated, which guarantees that no data can be transferred or leak between the users, in any other ways but ones defined by Salesforce or Microsoft Exchange / Office 365 / Gmail
- Data centers: Revenue Engage is hosted on Microsoft Azure data centers which ensure the highest security levels
- Security Updates: Revenue Engage is a managed cloud solution; that, regular besides updates of RE features, implies automatic front-end and back-end data security infrastructure updates
- Firewalls and network access: Revenue Engage uses Microsoft Azure’s capabilities to run its services in a secure virtual network with limited and strictly audited external access
- Networking: no server used by Revenue Engage for user data transfers or config keeping is accessible from outside the network. Any externally visible services operate behind a firewall and a load balancer within this virtual private network