BombBomb's Salesforce CRM integration allows you to import contacts and leads from Salesforce while keeping Salesforce informed about all activities in your BombBomb account.
At BombBomb, we prioritize your privacy and personal data, striving to maintain a high standard of security to protect it. Here's everything you need to know about our Salesforce integration data security and privacy.
Compatibility
- Works directly inside Salesforce Enterprise and Unlimited editions using Lightning.
Data privacy
BombBomb collects lead, contact emails, and record ID's to create tracking events within Salesforce. When sending emails through BombBomb, the sent email is stored in the customer's BombBomb account. All videos are stored on BombBomb's servers to serve content to recipients and track interactions with your video emails (e.g., opens, clicks, video playback duration).
Data Security and Integrity
- Encryption: Communication protocols are encrypted using TLS 1.2 over public networks. Data at rest is encrypted using a minimum of AES 256. A Bastion Host governs all access to customer production data.
-
Continuous monitoring:
-
- Monitoring, alerting, and centralized log and event management.
- An on-call security team monitors all web application activity through a SIEM.
- 24/7 application performance monitoring.
- Monthly penetration testing performed by IT staff.
- Routine third-party security reviews and penetration tests.
- Log aggregation and retention for compliance.
-
- Private Subnet
All endpoints are secured behind a private subnet to protect against attacks.
-
-
- MFA required for access to customer production data.
- VPN IP restrictions are enforced to allow access to authorized team members only.
-
Authentication and Authorization
- Authentication: OAUTH 2.0
- Authorization: Role- and permission-based access to prevent unauthorized access to your data, utilizing AWS IAM roles and Custom ACLs.
Change management
The entire build and deployment ecosystem is governed by an enforced gating process that includes:
- Peer code review for secure coding practices.
- QA testing and automated testing for application functionality.
Comments
0 comments
Please sign in to leave a comment.