About “Secure Data Transport”
Secure Data Transport is a 100% Salesforce native application that provides the following ways to communicate with the customers securely. All customer data will be stored in salesforce and salesforce is compliant with most industry security standards and requirements hence “Secure Data Transport” application inherits all the certifications.
SMS (Power by Telnyx) - Ability to send SMS directly from salesforce.
Secure Email (Powered by PauBox) - Cloud Maven’s “Secure Data Transports” has seamless integration with PauBox. Paubox offers a comprehensive set of features and services to make key management and encryption of PHI easy to manage and simpler to audit, including the Key Management Service (KMS). Master keys in KMS can encrypt/decrypt data encryption keys used to encrypt customer PHI. Data encryption keys are protected by customer master keys stored in KMS, creating a highly auditable key hierarchy as API calls to KMS are logged.
Securely Send and Receive Sensitive Data and Files Inside Salesforce (Powered by BotDoc) - Transport sensitive data and documents in and out of Salesforce with no pins, passwords, logins, accounts, apps, or software to download with Secure File Transport. Fully compliant with multiple regulatory agencies including GDPR, SOC2, and HIPAA.
Important Link (Security & Trust)
Securely Send and Receive Sensitive Data and Files Inside Salesforce (Powered by BotDoc) | ||
---|---|---|
SOC2 Certified GDPR Compliant PCI Compliant | HITRUST Certified SOC2 Certified GDPR Compliant PCI Compliant HIPPA Complaint | SOC2 Certified PCI DSS HIPAA Compliant Privacy Shield Certified GDPR Complaint FERPA Compliant GLBA |
Architecture
The user will login to salesforce using the credentials or single-sign on(if setup by the customer). If the single sign-on is enabled, the salesforce user will be able to login using either of the SSO flows( Service Provider or Identify Provider Initiated Flow).
Once the user is validated(either using the salesforce credentials or SAML token), user will be authenticated and would be able to use the functionality.
The “Secure Data Transport” is 100% native application to salesforce hence the client’s salesforce administrator will be able to control following functionality -
Who should see / use the application - SF Admin need to grant the app license and permission. This can be done using the setup menu( permission sets and grant app license functionality).
Prevent Unauthorized Sites and Network Addresses - Before any callout can call an external site, that site must be registered in the Remote Site Settings page, or the callout fails. Salesforce prevents calls to unauthorized network addresses. This control will ensure that no traffic / data is transmitted using the cloud maven servers.
The data is transmitted using the HTTPS protocol and all the data in-transit is ecnrypted using TLS 1.2+ protocol.
The data will re
Benefits
Operational Benefits
Security Benefits
Application Screenshots
Cloud Maven, Inc doesn’t store nor transmit any data using “Cloud Maven’s” servers or infrastructure. We don’t have access to the client’s data in-transit or rest.
Data at rest outside salesforce is encrypted using AES 256 encryption. Data is salesforce can be encrypted using the salesforce shield product.