About “Secure Data Transport”
...
Securely Send and Receive Sensitive Data and Files Inside Salesforce (Powered by BotDoc) | ||
---|---|---|
SOC2 Certified GDPR Compliant PCI Compliant | HITRUST Certified SOC2 Certified GDPR Compliant PCI Compliant HIPPA Complaint | SOC2 Certified PCI DSS HIPAA Compliant Privacy Shield Certified GDPR Complaint FERPA Compliant GLBA |
Architecture
...
The user will login to salesforce using the credentails or single-sign on(if setup by the customer). If the single sign-on is enabled, the salesforce user will be able to login using either of the SSO flows( Service Prodiver or Identify Provider Initiated Flow).
Once the user is validated(either using the salesforce credentails or SAML token), user will be authenticated and would be able to use the functionality.
The “Secure Data Transport” is 100% native application to salesforce hence the client’s salesforce adminstrator will be able to control following functionality -
Who should see / use the application - SF Admin need to grant the app license and permission. This can be done using the setup menu( permission sets and grant app license functionality).
Prevent Unauthorized Sites and Network Addresses - Before any callout can call an external site, that site must be registered in the Remote Site Settings page, or the callout fails. Salesforce prevents calls to unauthorized network addresses. This control will ensure that no traffic / data is transmitted using the cloud maven servers.
The data is transmitted using the HTTPS protocol and all the data in-transit is ecnrypted using TLS 1.2+ protocol.
The data will re
Benefits
Operational Benefits
...
Security Benefits
...
Application Screenshots
Cloud Maven, Inc doesn’t store nor transmit any data using “Cloud Maven’s” servers or infrastructure. We don’t have access to the client’s data in-transit or rest.
Data at rest outside salesforce is encrypted using AES 256 encryption. Data is salesforce can be encrypted using the salesforce shield product.