Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

About “Secure Data Transport”

Secure Data Transport is a 100% Salesforce native application that provides the following ways to communicate with the customers securely. All customer data will be stored in salesforce and salesforce is compliant with most industry security standards and requirements hence “Secure Data Transport” application inherits all the certifications.

  1. SMS (Power by Telnyx) - Ability to send SMS directly from salesforce.

  2. Secure Email (Powered by PauBox) - Cloud Maven’s “Secure Data Transports” has seamless integration with PauBox. Paubox offers a comprehensive set of features and services to make key management and encryption of PHI easy to manage and simpler to audit, including the Key Management Service (KMS). Master keys in KMS can encrypt/decrypt data encryption keys used to encrypt customer PHI. Data encryption keys are protected by customer master keys stored in KMS, creating a highly auditable key hierarchy as API calls to KMS are logged.

  3. Securely Send and Receive Sensitive Data and Files Inside Salesforce (Powered by BotDoc) - Transport sensitive data and documents in and out of Salesforce with no pins, passwords, logins, accounts, apps, or software to download with Secure File Transport. Fully compliant with multiple regulatory agencies including GDPR, SOC2, and HIPAA.

Important Link (Security & Trust)

SMS (Power by Telnyx)

Secure Email (Powered by PauBox)

Securely Send and Receive Sensitive Data and Files Inside Salesforce (Powered by BotDoc)

Trust & Security

Security Information

US Patent Office Approves our Approach to Email Encryption

Encryption Using TLD1.2 and above

Security

White Paper

SOC2 Certified

GDPR Compliant

PCI Compliant

HITRUST Certified

SOC2 Certified

GDPR Compliant

PCI Compliant

HIPPA Complaint

SOC2 Certified

PCI DSS

HIPAA Compliant

Privacy Shield Certified

GDPR Complaint

FERPA Compliant

GLBA

Architecture

  1. The user will login to salesforce using the credentails or single-sign on(if setup by the customer). If the single sign-on is enabled, the salesforce user will be able to login using either of the SSO flows( Service Prodiver or Identify Provider Initiated Flow).

  2. Once the user is validated(either using the salesforce credentails or SAML token), user will be authenticated and would be able to use the functionality.

  3. The “Secure Data Transport” is 100% native application to salesforce hence the client’s salesforce adminstrator will be able to control following functionality -

    1. Who should see / use the application - SF Admin need to grant the app license and permission. This can be done using the setup menu( permission sets and grant app license functionality).

    2. Prevent Unauthorized Sites and Network Addresses - Before any callout can call an external site, that site must be registered in the Remote Site Settings page, or the callout fails. Salesforce prevents calls to unauthorized network addresses. This control will ensure that no traffic / data is transmitted using the cloud maven servers.

  4. The data is transmitted using the HTTPS protocol and all the data in-transit is ecnrypted using TLS 1.2+ protocol.

  5. The data will re

Benefits

  • Operational Benefits

  • Security Benefits

Application Screenshots

Cloud Maven, Inc doesn’t store nor transmit any data using “Cloud Maven’s” servers or infrastructure. We don’t have access to the client’s data in-transit or rest.

Data at rest outside salesforce is encrypted using AES 256 encryption. Data is salesforce can be encrypted using the salesforce shield product.

  • No labels