CRM Security overview
We fully comprehend the importance and sensitivity of the data you store at Teamgate, therefore for us the security and safety of your data is our absolute priority.
1. Sales and customer relationships in a secure environment
Teamgate provide a cloud-based, sales and customer relationship management (CRM) solution, which to date has earned the trust of a constantly increasing number of various sized businesses worldwide. Teamgate acknowledges the importance and integrity of personal and business data security, which consistently remains at the central core of company policy. Because we offer an easy-to-use, flexible, constantly evolving, and intuitive sales software, which can cover multiple business processes, it is fundamental obligation for us to provide a dependable, secure and reliable solution, across multiple levels. Please find below an overview of our security model, consisting of five key elements: physical, network and system, application, organizational, personal.
Teamgate complies with General Data Protection Regulation (GDPR), which comes into force on May 25th, 2018. EU GDPR directive 95/46/EB is being implemented in order to coordinate data privacy laws in the European Union (EU) and protect data privacy and storage of all EU citizens, along with unifying the manner in which companies throughout EU synergise data privacy. It is important to note that all companies empowered with the management of EU citizens’ data, will have to comply with GDPR, irrespective of their location worldwide.
2. Physical security
World-class data centers in USA and EU
Teamgate solution is hosted by data centers in the USA and the EU in accordance and compliance with the highest security standards and information storage policies:
EU Amsterdam (Holland) – Certified data center in compliance with ISO27001:2005 and ISO9001 standard
EU London (England) – SSAE16 / ISAE 3402 type certified data center in compliance with ISO9001:2008, ISO27001 standards
EU Frankfurt (Germany) – Certified data center in compliance with ISO9001:2008, ISO27001:2005, and ISO22301:2012 standard
US New York (USA) – Trusted data center in compliance with SSAE16 SOC-2 and SOC-3 standard.
ES Vilnius (Lithuania) – Certified data centre in compliance with ISO/IEC27001:2013, ISO9001 and ISO14001 standard
Uptime rated over 99.5%
All Teamgate accounts are synchronised in real time across multiple servers. In the event of a single server malfunction traffic is automatically rerouted to another separate server, ensuring non-disruption and continuous access to files, accounts and data. Over the past several years Teamgate have consistently achieved uptime of over 99,.5% as a standard, which guarantees user security and unlimited access to sales, files, communication history and all vital information and data.
Constant data backup
Data backups are performed daily – once or twice a day – depending on the chosen subscribed account plan. All data backups are stored for a minimum of one week, so that even in unlikely event of a complete data loss, restoration is possible.
3. Network and infrastructure security
In order to assure a secure connection between the client’s web browser, or other application, and Teamgate CRM we use the highest SSL class protocols and security keys, which meet an A or A+ grading scale. Teamgate uses Transport Layer Security (TLS) TLS 1.2 with a preferred AES 256 bit algorithm in CBC mode and 2048-bit server key length with most modern browsers. When you access Teamgate via a browser, mobile device or browser extension, TLS technology secures your data using server authentication and data encryption, which is used by banking and main ecommerce websites. In order for our customers’ passwords, cookies and private information to be secure, all Teamgate users get an identical encryption guarantee, irrespective of their chosen plan.
Firewalls and intrusion detection
Each server contains firewalls which automatically close access to external servers, while opening only those access roots which are needed to access data. Unused server ports can pose a security risk as every open port on a system may be used as an entry point by attackers. If that port is not needed for functionality, it is recommended to close it to block any attacks which may targeting it. Every attempt to access servers or software update is documented in the general server log. Suspicious connection attempts our denial of service (DoS) attacks are blocked automatically without need for any human interference.
Regular updates and change management
Regular internal security audits enable us to identify outdated systems and third party services. Based on internal change management regulations, Teamgate periodically updates the operating system, software, systems, and the code library, all of which are a part of the intrinsic infrastructure. If a situation arises where vulnerabilities are detected in the publicly accessed version of Teamgate software immediate action is taken to totally eliminate or minimise all possible customer security risks – constant monitoring of all systems ensure that immediate fixes or patches are applied.
System integrity protection
By means of operation-systems-based, and custom integrity check services, cohesion of all critical files and system objects is continuously ensured. A rapid response to any potential unauthorised compromisation of the system assures that our customers and users are continuously engaged with the authentic version of all application services.
4. Application security
System security assurance process
A complete security requirement process cycle is fully integrated into the Teamgate software development and deployment cycle, which includes:
Internal security requirements and policies are set, along with “best practice” examples which are applied during every step of the product’s lifecycle.
Rigorous security maintenance during architecture, functionality design and development stages.
To assure secure, optimal, and tidy programming code, iterative manual and automated (using static code analyzer) source code analysis is being regularly performed.
Depending on job roles and responsibilities, the IT team periodically attends security training and knowledge-building workshops.
Authentication and access control
Every Teamgate user has their own unique login details, consisting of an email address and secure password. The password is checked according to password security policy standards and protected using advanced coding algorithms. Teamgate users also have the opportunity to authenticate their access via third party services, such as: Google and LinkedIn. The Teamgate account administrator manages and controls separate user permissions, by defining and allocating specific roles. All of the information kept in the specific Teamgate account can be accessed only by users assigned to that specific account.
User activity monitoring
Teamgate gives an opportunity to receive reports with all authentication events. In case of unauthorized login to the account, Teamgate security team member or account manager can interrupt activity by disconnecting from the account. In addition, it is possible to monitor the most recent user actions.
Teamgate gives an optional access to your account data through Android and iOS applications, which inherit a complete security functionality from a web application.
Account and content recovery
Teamgate offers secure data recovery option in case of accidental data deletion. If user is deleted by mistake, it is possible to reverse deletion, if you contact our support team no later than after 7 days from an accident. Certain data could be restored even after a month from their initial deletion.
Security is of paramount to us. Every file upload file to Teamgate CRM is scanned for all known malware and viruses, ensuring optimum protection at all times. Our security features are constantly upgrading and evolving in the attempt to stay ahead of any prospective threats which may exist.
5. Organizational security
The design, implementation, and operation of a data centre utilises both a high level of technological competence and a uniquely disciplined and structured attitude towards processes. These come under the policies governing escalation, management, knowledge sharing, risk management, along with the smooth running of workday operations.Teamgate’s partners have vast experience in data centre design, implementation and management, whilst maintaining a continuously centred focus on the improvement of all processes. The Teamgate specialist team possess unique skills and practices for overseeing security, and data protection risk management, an ethos which is core to Teamgate’s culture.
Data management accessibility
A strictly limited number of security-cleared employees have access permission to our data centre along with the data stored within the databases. Strict security policies are in place for employee access to sensitive areas. Each and every security event, or security trigger, are meticulously logged, monitored and analysed. Authentication methods and data are strictly regulated. Access to customer data is limited to employees, technicians and engineers with specific job-related transactions, and must have signed a confidentiality agreement which they are legally bound to. Access to customer data is on a need-only basis and must have been authorised directly by the customer (in connection with a support incident) by means of an issued support token, or additionally under authorisation from senior management and security, with the objective of providing vital support or maintenance, and/or for the purpose of improving the quality of service.
6. Data privacy and sharing
Teamgate is registered with the State Data Protection Inspectorate of Lithuania. Therefore, Teamgate collects and manages only that data about their customers which is set by the state register of personal data controllers.
Teamgate shares customer data with third party services which are directly integrated with Teamgate CRM, and which are crucial to accommodate customer needs and maintain overall customer satisfaction. The following is a list of third party providers and links to their privacy policies:
Intercom – https://www.intercom.com/terms-and-policies#terms
Braintree – https://www.braintreepayments.com/en-gb/legal?
Zendesk – https://www.zendesk.com/company/customers-partners/privacy-policy/
Google Analytics – https://www.google.com/policies/privacy/
New Relic – https://newrelic.com/privacy
7. Company grade security
Should you have any security concerns, queries or suggestions please contact our support team at +44 2037699280, or alternatively email firstname.lastname@example.org and they will be happy to provide you with any additional security history and/or external reports confirming our security compliance and standards.
Hi, I am Ilmaras, Sales Manager here at Teamgate. I am responsible for ensuring that you drive maximum value from our tool. I would like to learn more about your main goals for using the CRM solution and to tell you how other companies are using our CRM. Please fill in the form and I will get back to you ASAP.