Security & Compliance
We take security and compliance seriously at Salesloft. We work with industry-leading providers to ensure that your data is safe and secure.
For information about platform administration privileges, setting role permissions, configuring integrations and more, visit our Governance page.
How we store, process, and secure your data
Salesloft is hosted at Amazon and Google data centers, running on Amazon Web Service and Google Cloud Platform technology. These data centers, located both in the US and in the EU, provide physical security 24/7, state of the art fire suppression, redundant utilities, and biometric devices to ensure your data is safe.
We take several steps to protect your data and prevent eavesdropping between your systems and ours. All network traffic runs over SSL/HTTPS, the most common and trusted communications protocol on the Internet.
We’re relentlessly updating our systems to protect your data. We regularly replace our virtual systems with new, patched ones. We maintain system consistency using a combination of configuration management, up-to-date images, and continuous deployment.
If we see something, we react quickly. We’re always looking for potential system interruptions. If we find something out of place, we address the issue to prevent it in the future.
Only people who need access, get access. We limit production-system access to key members of the Salesloft engineering team and expressly forbid passwords.
Don’t just take our word that our systems are secure. We don’t. Even though we’ve designed secure systems and procedures, we regularly perform security tests to identify and remediate potential vulnerabilities.
Logging is a critical component to Salesloft infrastructure, and we’re monitoring the platform to identify any misuse or problems. Logging is used extensively for application troubleshooting and investigating issues. Logs are streamed in realtime and over secure channels to a centralized logging service.
Application Level Security
We prevent single points of failure. Even if there is an interruption to one system, the rest of our services stay up and secure. We physically separate the database instances from application servers and heartily believe in the mantra of single function servers.
Data Protection, Continuity, and Retention
We backup and test our systems, just in case. Production data is mirrored to remote systems and automatically backed up daily to an offsite location. Every change to a database is stored in the ‘writeaheadlog’ and immediately shipped offsite.
Internal IT Security
We protect our own systems to protect your data. Salesloft offices are protected behind network firewalls from well-known security vendors and secured by keycard access. Our employee workstations and laptops are imaged and managed using JAMF.
If we have to part ways, we’ll make sure your data isn’t at risk. To cancel and delete your account, please contact your account manager or our Customer Success team. Canceling your account will disable all access to Salesloft Platform and affects all data associated with your account.
SOC 2 Type 2
Components of the Salesloft platform are SOC 2 Type 2 compliant. Salesloft undergoes a SOC 2 Type 2 examination of our security controls against the AICPA defined standards on an annual basis with a third party audit firm to ensure the security of our platform and its supporting infrastructure.
ISO 27001 is a globally recognized standard for the establishment and certification of an information security management system (ISMS). Our entire information security program is built on the ISO 27001 framework and we complete re-certification and surveillance audits annually.
Salesloft is committed to ensuring ongoing compliance with the General Data Protection Regulation (GDPR). The GDPR extends the reach of the European Union’s data protection laws and establishes many new requirements for organizations that fall under its scope.
The California Consumer Privacy Act (CCPA) went into effect on January 1, 2020. Salesloft is committed to ensuring compliance with the CCPA. The CCPA is a state law that provides consumer privacy rights and protections for residents of the state of California.
Our platform is constantly evolving to delight our customers with new features and innovation. In an effort to protect our ever-changing attack surfaces, we have implemented a bug bounty program that challenges our controls and tightens our defenses on a continuous basis.
Sub-processor Notice (Microsoft Corporation) Answers to FAQs
Answers to FAQs relating to Salesloft’s engagement of Microsoft Corporation as a sub-processor.