Security

  • Connector.

    Salesforce Security Model

    Full compliance with Salesforce Sharing Model certified through Salesforce ISV security review and ISV Status

  • Connector.

    Granular Object and Field Permissions

    Full compliance with Salesforce Object CRUD and Field Level Security through User Profiles. Restrict further with customisation per app

  • Connector.

    User Profile App Permissioning

    Lock down Mobile App installation per app per Salesforce profile enhancing Salesforce API login restrictions

  • Connector.

    Access & Transaction Audit

    Connection Sessions Audit Logs. Record and view Installations, Upgrades, Data Access with record level read/write visibility

  • Connector.

    Secure Network Communications

    Utilising Transport Layer Security TLS 1.2 providing privacy and and data integrity for all communications

  • Connector.

    Industry Standard User Authentication

    OAuth 2.0 User Authentication for all client apps with dedicated Salesforce Connected App.

  • Connector.

    Encrypted Local Storage

    iOS, Android, Chromebook OS (Windows 10 Beta, Mac OS Beta) SQLCipher/AES256 encryption for offline data.

The MobileCaddy solution is a certified managed package installed into a client’s Sandbox and Production Instances.

All data processed by the MobileCaddy package is within the client’s Salesforce.com environment, and all data processed with packaged code conforms to ‘with sharing’. This ensures no customer data is processed outside of the client’s Salesforce.com environments and all data is processed adhering to the client’s prevailing Salesforce user sharing models in terms of record visibility.

The MobileCaddy package is certified and security reviewed regularly by Salesforce.com, which includes scans to ensure user profile permissions are respected and maintained at the object CRUD and field level security as determined by the client’s specific org configuration.

Click here to view the full MobileCaddy Security Overview and Cloud Control Matrix

Monitoring logs transmitted to MobileCaddy for application performance and issue alerting transmit no customer data.

Logging data is Org Id, User Id, Connection Session Id, Monitoring Status Value and low level code snippets or DML exceptions. They may also include Salesforce metrics data relating to percentage of Salesforce limits and utilisation of limits to allow clients to be notified or limits nearing or exceeding limits to allow for early mitigation

Click here to view the full MobileCaddy Security Overview and Cloud Control Matrix