Today, any company seeking a CRM solution will have questions about data security, simply because data security is a top concern. Here are answers to specific questions many have about data security in Pipeliner CRM.
Limiting Data Access
In Pipeliner, data access can be limited based on numerous factors such as types of users, groups, permissions or data elements. Task level permission can be assigned to users, and users can only view or edit specific records defined in administration. Tasks themselves can also be assigned multiple access levels.
Security is applied at field level for sensitive information—sensitive information can be hidden for selective roles. Field level security allows you to make fields invisible, enable them for read-only or for full access. There are no fields or features in our standard data model that are not configurable by the client.
Administrators set roles and permissions, and administrators themselves can be assigned various levels of privileges.
Data is fully segregated between clients, as described in the last article.
Pipeliner employees do not have access to customer data, which is part of our GDPR compliance. If a client chooses, they may add a Pipeliner employee as an authorized user and thereby grant access to the customer’s data. Otherwise, we are only able to see customer usage of the system, but not the data.
So that changes can be tracked, Pipeliner maintains a log of all changes to data in the system, including the time of the action, the user taking the action, and the specific action and data changes.
Data in transit is encrypted and securely transmitted using the latest SSL (secure socket layer) technology.
Data at rest is encrypted by our cloud provider AWS (Amazon Web Services). AWS utilizes the industry-standard AES-256 encryption algorithm for the encryption of data on the server.
Data Backups and Disaster Recovery
As covered in our last article, CRM data is fully backed up. You can recover your database at any point during the backup retention period of 35 days, guaranteed by AWS RDS backup services. We can at any time provide a complete backup/dump of the data, and with one of our technologies, Bi-Feeder, we can even provide daily access to the full database.
We inherit the disaster and failover capabilities within the AWS environment. In addition to these, Pipeliner CRM has an internal mechanism for a secondary site to be available within 24 hours.
Pipeliner has the ability to integrate its login with the client’s sign-on protocol, through SAML 2. Two-factor authentication, if required, is provided by external services, such as Google or Microsoft.
A complete, easy-to-use toolkit is provided for platform configuration, defining workflow rules, automation, data visualization, and more.
Feel free to contact us if you have further questions about our data security management.