Cloudingo Security

Access to Data

Symphonic Source, Inc. never has access to customer data or Salesforce credentials.

We do receive some stats from Cloudingo, but they are only raw numbers based on the filters within our application. (This is equivalent to Salesforce knowing how much data is stored in the org.)

Symphonic Source, as the maker of Cloudingo, has no access to customer Salesforce data or any data that Cloudingo reports. We also do not have access to login credentials to Cloudingo or to Salesforce. From our logs, we can report on the configuration of Cloudingo filters as well as their results in terms of raw numbers (numbers of duplicates identified), but no other details.

 

Data Storage

Cloudingo stores very little data. Customer information is neither stored nor cached.

Cloudingo will store field maps as well as the data from the primary field used to establish matches. When opening a group of duplicates, Cloudingo makes a real-time API call to Salesforce to display the field data to the user. Once the group is closed, the data is released.

Salesforce credentials are stored in Cloudingo. They are fully encrypted. Once saved, they cannot be viewed again. They can be updated, of course, but once saved they cannot be viewed.

 

Audits

Cloudingo is subject to regular Salesforce sponsored and independent security audits.

SAS 70 Type II Compliant
The web portal runs on a SAS-70 type II compliant infrastructure at one of the nation’s largest hosting providers. Cloudingo is hosted inside of this data center on dedicated servers with dedicated firewalls. All the standard physical security features are present: biometric access controls, intrusion detection, redundant power feeds and generators, fire suppression, climate control, etc.

As a certified Salesforce ISV Partner we are audited annually on our security measures by salesforce.com’s team of security experts. We uphold the highest security standards at Symphonic Source, and have passed Salesforce.com’s rigorous audit every year without fail.

 

isv-logo

 

 

 

 

Additional Security Details

Security and Reliability Safeguards
Customer security and privacy are at the forefront of every decision we make regarding development, support and expansion of Cloudingo. Managing the security of the Cloudingo application as well as all systems and data that make up Cloudingo are our top priority.

SSL Security
Any and all information that you see and interact with inside Cloudingo is protected using industry standard 256-bit SSL encryption.

Cloudingo & Salesforce.com Communication
Cloudingo communicates with Salesforce.com via the Salesforce.com API (secured via SSL).

Firewalls
The Cloudingo application – and all of its components – rest securely behind server firewalls.

Sophisticated Password Policy Enforcement
Cloudingo has a strict password policy that includes complexity requirements, password history, forced resets, notification of password changes, lockouts etc.

Proactive Penetration Testing
Cloudingo undergoes routine, random, penetration testing.

 

More Information

Salesforce Security Statement