As organizations increasingly rely on Software-as-a-Service (SaaS) solutions, an inescapable reality emerges: security is not an optional, additional feature, but a foundational principle essential for trust and reliability between business partners. When you use SharinPix, you put a lot of faith in our hands that the information, and more specifically, the images you leave in our care will always be safe and readily available for you to access as needed.
We’ve implemented numerous security measures and best practices to ensure we are up to industry standards in keeping your photos and information safe. Among those actions are three key groups: partnerships with third-party services, external audits, and the Salesforce Security Review.
Partnerships and Activities with External Services
We are using some external services to keep our servers safe, run storage for our customers' images, give us guidance on processes, and verify us for installations via the Salesforce AppExchange.
1. SharinPix Deployments through Heroku
SharinPix components use Heroku, the cloud platform as a service company owned by Salesforce, to manage metadata and interactions. Thanks to this partnership, SharinPix benefits from Heroku’s firewalls and network configuration, high availability, and automatic library updates.
2. SharinPix Photo Storage through AWS S3
We store all the files privately in either our Amazon S3 space or even your own Amazon S3 bucket, an advantage that powers SharinPix with a durable and readily available solution to encrypted image storage. Any time you go to share or view an image inside Salesforce, SharinPix creates a temporary URL for that image. The URLs are unique and unguessable, not based on any naming convention or customer-unique nomenclature.
Users can share these URLs with the public, but they only exist for a predefined amount of time and are invalid. On top of this process that we’ve integrated with Amazon S3, SharinPix customers get the advantage of their best-in-class storage security.
3. SharinPix ISO ISO27001 Certification
While it's not a security measure in and of itself, ISO certification shows that we’re following cross-industry standards. The benefits of ISO certification are pretty broad, but it reassures potential customers that SharinPix operates an efficient, low-risk business.
Extensive External Security Audits at SharinPix
On top of our ISO-certified processes, we also seek out additional external audits at least twice a year. These audits put a rigorous test on our systems to find any potential security risk.
In addition to the audits we pay for, we also accept audits from our clients with higher security standards for their business operations. This additional auditing is common in some larger clients operating in more sensitive industries.
The SharinPix team values information brought to light by either type of audit so that we can make improvements before they’re even needed.
The Salesforce Seal of Security Approval
Perhaps the most important regarding the safety of our users' images and data is that each of our packages goes through the Salesforce Security review process, something that’s necessary to do before one can sell an app on the Salesforce AppExchange.
During this process, Salesforce thoroughly reviews the package we’re deploying to ensure that it is secure enough for Salesforce customers. Overall, Salesforce is the source of truth for all of our operations at SharinPix. All of the access and rights management are managed within your Salesforce, meaning those are the business rules of our client. We follow those rules closely and don’t grant access to instances where Salesforce isn’t already giving permission.
Safe in the Hands of SharinPix
Outside of those external partnerships and activities mentioned above, the fundamental SharinPix methodology is always working hard to ensure the safety of your visual elements and information. We conduct frequent code reviews to ensure that nothing is compromised and employ continuous automatic patching to keep everything updated for all our clients. With SharinPix, your images and data are in good hands.
How can I Learn More?
If you aren’t a SharinPix customer, we invite you to visit our Salesforce AppExchange listing to learn more about our offerings. If you have more questions about our security measures, don’t hesitate to send us a chat via the live chat on the AppExchange page.