Security is at the heart of Cloud Coach’s application development. This is why we developed our products to run exclusively on the Salesforce platform. Our core information security principles are:
Cloud Coach is committed to achieving and maintaining these principles and the trust of our customers. Integral to this is providing a robust security and privacy program that carefully considers security and data protection across our services, including data submitted by customers to our services (“customer data”). Our customers are in a wide range of verticals, some with stringent security requirements, including financial services, healthcare, technology, energy, and government.
Cloud Coach does its best to ensure that customer and company information assets are protected in accordance with industry best practices.
Built on the Salesforce Platform
Cloud Coach solutions are developed exclusively on the Force.com platform, an industry-leading and mature platform for cloud applications. Cloud Coach applications go through a qualitative and quantitative security review process with Salesforce to ensure applications meet a set of security standards and best practices. By leveraging this industry-leading, cloud-based platform, Cloud Coach and its customers benefit from a variety of security features including user management, data visibility protection, disaster recovery and backups, and physical and network security. Housed on the Force.com platform, Cloud Coach products have consistently met the most stringent data security requirements, and comply with major security, privacy and data protection laws and standards globally.
Because Cloud Coach applications run exclusively within the Salesforce platform, Cloud Coach and its customers benefit from the security measures and certifications attained by Salesforce. Salesforce undergoes comprehensive privacy and security assessments by, and has achieved certifications from multiple auditors and certifying bodies. These include the following security- and privacy-related audits and certifications: Geographical Recognition:
Global Audit Compliance
A current list of security and privacy assessments and certifications of the Salesforce platform can be found at https://trust.salesforce.com/en/compliance/.
Cloud Coach applications are submitted to Salesforce as part of the AppExchange Security Review process. Salesforce provides the AppExchange Security Review program to assess the security posture of ISV applications published on the AppExchange against industry best practices for security.
Because Cloud Coach applications are 100% Force.com-native, all data processed by Cloud Coach applications resides on the Salesforce cloud platform owned, operated and managed by Salesforce.
Cloud Coach relies on Salesforce platform capabilities for encryption of data in transit. Salesforce uses industry-accepted encryption products to protect customer data and communications during transmissions between a customer’s network and the Cloud Coach applications, including 128-bit Advanced Encryption Standard (AES), and PCI-DSS L1 Compliance. Additionally, customer data is encrypted during transmission between data centers for replication purposes. Additional security features are available as part of the Salesforce Shield program, available from Salesforce.