Secure Data Transport

About “Secure Data Transport”

Secure Data Transport is a 100% Salesforce native application that provides the following ways to communicate with the customers securely. All customer data will be stored in salesforce and salesforce is compliant with most industry security standards and requirements hence “Secure Data Transport” application inherits all the certifications.

SMS (Power by Telnyx) - Ability to send SMS directly from salesforce.
Secure Email (Powered by PauBox) - Cloud Maven’s “Secure Data Transports” has seamless integration with PauBox. Paubox offers a comprehensive set of features and services to make key management and encryption of PHI easy to manage and simpler to audit, including the Key Management Service (KMS). Master keys in KMS can encrypt/decrypt data encryption keys used to encrypt customer PHI. Data encryption keys are protected by customer master keys stored in KMS, creating a highly auditable key hierarchy as API calls to KMS are logged.
Securely Send and Receive Sensitive Data and Files Inside Salesforce (Powered by BotDoc) - Transport sensitive data and documents in and out of Salesforce with no pins, passwords, logins, accounts, apps, or software to download with Secure File Transport. Fully compliant with multiple regulatory agencies including GDPR, SOC2, and HIPAA.

Important Link (Security & Trust)

SMS (Power by Telnyx)	Secure Email (Powered by PauBox)	Securely Send and Receive Sensitive Data and Files Inside Salesforce (Powered by BotDoc)

SMS (Power by Telnyx)

Secure Email (Powered by PauBox)

Securely Send and Receive Sensitive Data and Files Inside Salesforce (Powered by BotDoc)

Trust & Security

Security Information

US Patent Office Approves our Approach to Email Encryption

Encryption Using TLD1.2 and above

Security

White Paper

SOC2 Certified

GDPR Compliant

PCI Compliant

HITRUST Certified

SOC2 Certified

GDPR Compliant

PCI Compliant

HIPPA Complaint

SOC2 Certified

PCI DSS

HIPAA Compliant

Privacy Shield Certified

GDPR Complaint

FERPA Compliant

GLBA

Architecture

The user will login to salesforce using the credentials or single-sign on(if setup by the customer). If the single sign-on is enabled, the salesforce user will be able to login using either of the SSO flows( Service Provider or Identify Provider Initiated Flow).
Once the user is validated(either using the salesforce credentials or SAML token), user will be authenticated and would be able to use the functionality.
The “Secure Data Transport” is 100% native application to salesforce hence the client’s salesforce administrator will be able to control following functionality -
1. Who should see / use the application - SF Admin need to grant the app license and permission. This can be done using the setup menu( permission sets and grant app license functionality).
2. Prevent Unauthorized Sites and Network Addresses - Before any callout can call an external site, that site must be registered in the Remote Site Settings page, or the callout fails. Salesforce prevents calls to unauthorized network addresses. This control will ensure that no traffic / data is transmitted using the cloud maven servers.
The data is transmitted using the HTTPS protocol and all the data in-transit is encrypted using TLS 1.2+ protocol.
Data at rest is encrypted using AES 256 encryption(in Telnyx, Botdoc and Paubox).
The functionality to “Send SMS”, “Send Secure Email”, “Request / Send Documents” using any workflow or any salesforce screens. All components are fully mobile compatible.

Benefits

Operational Benefits

Security Benefits

Application Screenshots / Quick Video

“Secure Data Transport” application is fully customizable( launch from any Salesforce UI {Lightning Page}, automated events{Using Trigger, Process Builder or Flow}, Salesforce App{health cloud, Sales or any other custom-built app} to meet the customer requirements or workflow.

SMS Component in the Side Nav (This component can be added to any salesforce workflow and object)

SMS Component in the Utility Component (This component can be added to any salesforce workflow and object)

Secure Email using the button - Component can be called from Side Nav, Tab, or Ulitility.

SMS and Secure Email records in salesforce - All the records will be stored in Salesforce. Please find the screenshot.

Requesting documents from the customer (This component can be added to any salesforce workflow and object)

Sending secure document from the customer (This component can be added to any salesforce workflow and object)

We are recording special video demos. We will post the links shortly.

Cloud Maven, Inc doesn’t store nor transmit any data using “Cloud Maven’s” servers or infrastructure. We don’t have access to the client’s data in-transit or rest.

Data at rest outside salesforce is encrypted using AES 256 encryption. Data is salesforce can be encrypted using the salesforce shield product.