Match My Email (“MME”) is a cloud integration service that connects IMAP-compatible email systems with Salesforce.com (“SFDC”). MME follows industry best practices related to security and privacy to ensure data confidentiality, integrity, availability and regulatory compliance. MME models its security and privacy policies on the requirements and guidelines of the SFDC AppExchange Security Review, see https://developer.salesforce.com/page/Security_Review. Each new version of the MME Service must pass the SFDC Security Review before it is put into production.
1. Application Security.
- MME has a robust software development lifecycle with security and privacy being core components.
- All developers are trained to follow secure development rules to avoid all potential security breaches such as SQL injection, Cross Site Scripting, access violation and other. Security training is repeated regularly.
- Source code is reviewed by a dedicated Security Engineer before being push to production.
- The application is tested for security and privacy issues with manual and automated security testing tools. There is a strict segregation of duties within the development, test and production environments. Only reviewed and tested code which complies with security specifications is deployed to production.
- All data are encrypted in transmission with Transport Layer Security (TLS).
- Sensitive data such as passwords and access tokens are encrypted and stored with strong encryption. Encryption keys are stored separately from data and executable code in a secure storage file.
- Copies of emails uploaded to SFDC from the MME cloud are compliant with SFDC’s user permissions, profiles and role hierarchies.
- Black and grey list confidentiality controls are provided to block emails based on email address or email body tag from entering the MME cloud or being processed for upload to SFDC. Based on MME’s folder selection feature, users control which email messages are synced to Salesforce and which are not.
- MME uses modern cloud authentication technologies including OAuth to connect with SFDC and compliant email systems like Gmail.
2. Host/Platform Security.
- MME uses the latest version of a major Linux distribution to ensure state-of-the-art security at the operating system level on its servers. On all MME servers, unnecessary services are disabled, default accounts and passwords are removed/changed, passwords are encrypted and all users have unique usernames.
- Security patches are applied as soon as possible after they are released.
- Servers can be accessed remotely by authorized personnel only via secure connections.
- System logs are collected and regularly reviewed for security activity.
- Strong passwords are enforced.
- An enterprise-wide anti-virus solution with regular updates is implemented on all MME servers.
3. Network Security.
- Internal networks are protected with Stateful Packet Inspection Firewalls.
- Web/Application and database servers are segregated.
- No wireless in collocation facilities.
4. Physical Security.
- MME is hosted at Amazon Web Services (“AWS”).
- SFDC has certified AWS as a trusted, secure, external hosting environment for ISVForce applications. SFDC is migrating to AWS as the hosting platform for its core application. Since 2008, SFDC has allowed third-party apps that participant in the ISVForce Program and that have passed its Security Review to be hosted on AWS.
- AWS has ISO 27017 certification [see https://aws.amazon.com/compliance/iso-27017-faqs/], including physical security. Data center access is restricted to authorized personnel only. Physical access logs are maintained. Security cameras, motion detectors and alarms are implemented in the data center that are monitored on a 24/7/365 basis. Data center has implemented controls to prevent the infrastructure against external threats and hazards (fire, earthquake, flooding, etc.)
5. Operational Security.
- MME networks are actively monitored with automated and manual tools. Administrators are alerted on security or performance issues.
- Disaster Recovery and Business Continuity Plans are implemented and periodically tested.
- Employee Training and Security Awareness Program are implemented and run.
- A robust change management process ensures that all changes are documented and approved.
- To comply with The Privacy Shield Agreement, signed by the US and EU in August 2016, RAE Internet starting storing email or Salesforce data related to new EU customers on servers located in the European Union. RAE Internet has established an instance of MME in a European AWS data center. Existing EU customers may migrate to the EU app servers upon request. Data related to rest of the world customers are hosted on servers at AWS data centers in the United States.
- Per Salesforce guidelines, all user email and Salesforce data processed and presented by a third-party app must be private to the end-user by default and locked down under strict access and permissions control rules. MME has been architected to comply with this SFDC requirement, so all user email and Salesforce data that appears in the Email Cloud screen of the MME app whether directly from the MME login page or through a Web Tab in Salesforce are completely private to the end-user. Such data are stored securely so Application, Cloud and Domain Administrators do not have access to individual user content.
- Only via a Privacy Waiver Form, signed by an authorized officer of a subscribing organization, can an individual’s end-user privacy be waived in the MME Cloud. The execution of a Privacy Waiver Form makes individual end-user data visible to the subscribing organization’s MME Cloud and Domain admins only; MME Global Application admins do not have access to user emails, Salesforce data or credentials under any scenario.
7. HIPAA Compliance
- The management of RAE Internet Inc. has reviewed the “Security Standards for the Protection of Electronic Protected Health Information,” found at 45 CFR Part 160 and Part 164, Subparts A and C, commonly known as the Security Rule, of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). RAE Internet’s management believes that Match My Email conforms with the technical safeguard standards of HIPAA as they pertain to Access Control, Automatic Logoff, Audit Controls, Person or Entity Authentication and Transmission Security and Encryption, but this opinion has not been verified by a third-party expert.
8. FINRA Compliance
- The management of RAE Internet Inc has reviewed Rule 30 of Regulation S-P (referred to as the “Safeguard Rule”) requires firms to establish written procedures reasonably designed to “(a) insure the security and confidentiality of customer records and information; (b) protect against any anticipated threats or hazards to the security or integrity of customer records and information; and (c) protect against unauthorized access to or use of customer records or information that could result in substantial harm or inconvenience to any customer.” The management of RAE Internet believes that Match My Email conforms to Rule 30, though this opinion has not been to certified by a third-party expert.
9. FERPA Compliance
- The management of RAE Internet Inc has reviewed the data security and privacy requirement of the Family Educational Rights and Privacy Act (FERPA) and believes that the Match My Email cloud-based email integration application for Salesforce.com is compliant, though this opinion has not verified by an independent security and privacy consultant.
Attestation by: Paul Sterne, President, RAE Internet Inc., January 2017