Privacy and Security
We take our customers’ data privacy and security with utmost seriousness.
Our solution RG Email Sidebar performs synchronization of business communication and CRM data between users’ CRM accounts and mailboxes.
RG Email Sidebar for Salesforce synchronizes the following types of authorized users’ data: Calendar items, Tasks, Contacts, Email messages, and file Attachments. Using the solution’s Dashboard, the users can define which record types to synchronize via RGES service, as well as other aspects of its functioning.
For more details, see the “Product-specific Privacy Terms” section of the complete Revenue Grid Data Security Policies document.
Official certification and regular audit
⇛ SOC2 Type II certified: Security, Availability, Processing Integrity, Confidentiality, and Privacy Audit
⇛ Privacy Shield certified
⇛ GDPR compliant
⇛ HIPAA Seal of Compliance verified
⇛ ISO-27001 (Information Security Management set) certified
⇛ A multisided solution security review carried out by NCC Group
⇛ Revenue Grid is a longstanding certified Microsoft Partner based on special competency requirements
⇛ All Revenue Grid components undergo regular penetration tests carried out by independent contractors
⇛ Revenue Grid technical support team ensures super-fast reaction to security cases as well as other kinds of reports. See this article for more information
With over 13 years of experience in building and implementing successful enterprise solutions, we know very well that email correspondence and CRM data stand among the key assets of any modern business. For this reason, handling all communications between your email and CRM systems and RG Email Sidebar with maximum security is our topmost priority.
We follow a multi-level layered approach, which is continuously updated with the latest technologies to ensure the highest level of security for our customers’ data, from complete physical security of Microsoft certified data centers we use to secured access authorization procedures for the end users (see below) and the latest gen encrypted data transfer protocols.
Revenue Grid Sync component is built as a scalable customized Microsoft Azure service which supports geo-distributed data centers and provides the highest levels of availability and resilience; it matches Microsoft’s standards for secure applications.
The Add-In component of RG Email Sidebar is a MS Outlook add-in verified by Microsoft that works directly with users’ email and CRM data, also displaying relevant information for the end users and conveying their inputs and actions to RGES Sync or directly to Salesforce. The Chrome Extension option for RGES integration into Gmail works in the same manner as the Add-In and is verified by Google.
While RG Email Sidebar also supports legacy authentication solutions, for example to work with MS Exchange 2010, by default all RGES end users follow the most secure access authentication procedures:
- Single Sign-On to access Salesforce and OAuth 2.0 or MS Graph for Office 365
- Using EWS to authorize MS Exchange data access, with optional fallback to login/password authentication for legacy MS Exchange servers
- Using OAuth 2.0 to authorize Gmail and Google calendar data access for RGES Chrome Extension users
- Possibility of mass mailbox provisioning via Impersonated Exchange access, where the local Exchange Admin grants RG Email Sidebar permissions to work with specified users’ mailboxes and calendar data
- Possibility of mass Salesforce provisioning via an impersonating account or API-only user, where the local Salesforce Admin grants RG Email Sidebar permissions to work with specified users’ Salesforce data
Granular Access Control
Our app’s access to user configurations and data is built on a granular level. It is based on the concepts of Permissions, Roles, Principals, Resources and Authorizations:
- All data views, transfers, or other related actions are controlled by structured permission rules
- Combining Permission sets into Roles allows the scope of permitted operations to be defined very specifically
- In the RGES data access architecture, assigning Principals and Roles for access to specific Resources results in granting the minimum permission level required to perform very specific tasks
This access control policy covers all RG Email Sidebar users, including Revenue Grid Admins: Sales, Support and Customer Success teams, to ensure that the customers’ data is accessible only by the entitled end users.
RG Email Sidebar ensures multi-level protection of sensitive data from accidental or malicious loss, whether in transit, at rest, or on the go. Among standard techniques, that includes:
- Access to Salesforce, Office 365, and Gmail data is performed through certified apps on respective services
- In-transit encryption: all data transfers between Salesforce/Microsoft Exchange or Google servers, as well as user interactions with them via RGES, are encrypted with the TLS protocol
- At-rest encryption: all relevant configuration data is encrypted at rest at the physical storage database level
- Secrets handling: all access secrets in use (tokens, passwords) are additionally encrypted at the application level using keys transferred separately from the data. Furthermore, RGES API connections are designed in such a way that access secrets never leave the RG Email Sidebar perimeter
- Data backup and point-in-time restore: users’ and orgs’ configuration data is continuously backed-up automatically; it is kept as multiple copies, ensuring the possibility to do a point-in-time restore
- Data isolation: server-side synchronization of data of different RGES users is logically and physically isolated, which guarantees that no data can be transferred or leak between the users in any way other than those defined by Salesforce or Microsoft Exchange / Office 365 / Gmail
- Data centers: RG Email Sidebar is hosted on Microsoft Azure data centers which ensure the highest security levels
- Security Updates: RG Email Sidebar is a managed cloud solution; that, besides regular updates of RGES features, implies automatic front-end and back-end data security infrastructure updates
- Firewalls and network access: RG Email Sidebar uses Microsoft Azure’s capabilities to run its services in a secure virtual network with limited and strictly audited external access
- Networking: no server used by RG Email Sidebar for user data transfers or config keeping is accessible from outside the network. Any externally visible services operate behind a firewall and a load balancer within this virtual private network