Privacy and Security¶
We take our customers’ data privacy and security very seriously.
Our solution Revenue Inbox performs synchronization of business communication and CRM data between user’s CRM account and user’s mailbox. Revenue Inbox for Salesforce can synchronize data of the following types: Calendar items, Tasks, Contacts, Email messages, and Attachments of the authorized User. Using the solution’s Dashboard, the authorized User can define which record types to synchronize via the Service, as well as several more aspects of its functioning.
Privacy shield certified
ISO-27001 (information security management set) certified
With over 13 years of experience of building and implementing successful enterprise solutions, we know very well that email correspondence and CRM data stand among the key assets of any modern business. For this reason handling all communications between your email and CRM systems and Revenue Inbox with maximum security is our topmost priority.
We follow a multi-level layered approach, which is continuously updated with the latest technologies to ensure the highest level of security for our customers’ data, from complete physical security of Microsoft certified data centers we use to secured access authorization procedures for the end users (see below) and the latest gen encrypted data transfer protocols.
Revenue Inbox Sync component is built as a scalable customized Microsoft Azure service which supports geo-distributed data centers and provides the highest levels of availability and resilience; it matches Microsoft’s standards for secure applications.
The Add-In component of Revenue Inbox is a MS Outlook add-in verified by Microsoft that works directly with users’ email and CRM data, also displaying relevant information for the end users and conveying their inputs and actions to RI Sync or directly to Salesforce. The Chrome Extension option for RI integration into Gmail works in the same manner as the Add-In and is verified by Google.
While Revenue Inbox also supports legacy authentication solutions, for example to work with MS Exchange 2010, by default all RI end users follow the most secure access authentication procedures:
Using OAuth 2.0 to grant MS Exchange data access, with optional fallback to login/password authentication for legacy MS Exchange servers
Possibility of mass mailboxes provisioning via Impersonated Exchange access, where the local Exchange Admin grants Revenue Inbox permissions to work with specified users’ mailboxes and calendar data
Possibility of mass Salesforce provisioning via impersonating account or API-only user, where the local Salesforce Admin grants Revenue Inbox permissions to work with specified users’ Salesforce data
Granular Access Control¶
Our app’s access to user configurations and data is built on granular level, it is based on the concepts of Permissions, Roles, Principals, Resources and Authorizations:
- All data views, transfers, or other related actions are controlled by structured permission rules
- Combination of Permission sets into Roles allows to define allowed operations scopes very specifically
- In RI data access architecture, assigning of Principals, Roles for specific Resources access, results in granting of the minimum required permissions level for performing of very specific tasks
This access control policy covers all Revenue Inbox users, including RevenueGrid.com Admins: Sales, Support and Customer Success teams, to ensure that the customers’ data is accessible only by the entitled end users.
Revenue Inbox ensures multi-level protection of sensitive data from accidental or malicious loss, whether in transit, at rest, or on the go. Among standard techniques, that includes:
- Access to Salesforce, Office 365, and Gmail data is performed through certified apps on respective services
- In-transit encryption: all data transfers between Salesforce/Microsoft Exchange or Google servers as well as user interactions with them via RI are encrypted with TLS protocol
- At rest encryption: all relevant configuration data is encrypted in rest state on physical storage database level
- Secrets handling: all used access secrets (tokens, passwords) are additionally encrypted on application level using keys transferred separately from the data. Furthermore, RI API connections are designed in such a way so access secrets never leave Revenue Inbox perimeter
- Data backup and point-in-time restore: users’ and orgs’ configuration data is continuously backed-up automatically; it is kept as multiple copies, ensuring the possibility to do a point-in-time restore
- Data isolation: server-side synchronization of data of different RI users is logically and physically isolated, which guarantees that no data can be transferred or leak between the users, in any other ways but ones defined by Salesforce or Microsoft Exchange / Office 365 / Gmail
- Data centers: Revenue Inbox is hosted on Microsoft Azure data centers which ensure the highest security levels
- Security Updates: Revenue Inbox is a managed cloud solution; that, regular besides updates of RI features, implies automatic front-end and back-end data security infrastructure updates
- Firewalls and network access: Revenue Inbox uses Microsoft Azure’s capabilities to run its services in a secure virtual network with limited and strictly audited external access
- Networking: no server used by Revenue Inbox for user data transfers or config keeping is accessible from outside the network. Any externally visible services operate behind a firewall and a load balancer within this virtual private network