How Wildnote keeps your data secure and protected.
CRM projects often collect sensitive data that cannot and should not be visible to unauthorized viewers. Wildnote has several measures in place to protect your data from a data breach including:
- All accounts require 8-character minimum passwords.
Authentication uses standard challenge/response, with SHA1 password hashes stored in the PostgreSQL database.
Photos and documents uploaded to Wildnote are handled by Cloudinary (https://cloudinary.com/) and stored on the AWS framework.
- All uploaded files are stored on S3, a distributed, high-availability storage engine that grows along with your Wildnote content. All content stored on S3 is accessible only to your user account through the web and native apps.
- There is redundant storage to to mitigate data loss and increase syncing speeds.
- All data is private and is not shared between accounts.
- Companies can enable or block Wildnote staff access to their data through their company settings.
Wildnote has several control measures for project managers to manage who has access to what data within a company and project. CRM companies often have a revolving staff of seasonal field archaeologists, and these features will allow you to add and remove access to your crew as they move from project to project, or exit the company entirely:
- Users can only access data after they have been invited or added by the Company or Project Admin. You can do this in the Members tab of Project Admin seen here:
- Each user is assigned a role in Wildnote, which dictates what data they can see and edit. The roles are assigned in the Members section of a project seen above. The roles are defined as:
Admin: View, edit and export all data, and manage all aspects of the project.
Field Lead: View, edit and export all data in the project.
Field User+: View all data, but only edit and export data they have collected in the project.
Field User: View, edit and export only data they have collected in the project.
Auditor: View all data, but can’t edit any data in the project.
- Additionally, through the use of “Read-Only Survey Status”, in the Project Info window, a project admin can make data “read-only” to all members except admins to prevent changes to finalized data. For more on survey status check out this article: Read-Only Status
- When a user is removed from the company, all access to the company’s data is also removed.
- Authentication to the app is accomplished via unique tokens associated with each account which can be reset at any time, thereby removing access to data that may remain on a mobile device.
Finally, Data security is extremely important for any CRM project, and Wildnote has you covered. Here is an overview of the security infrastructure of the website and mobile apps:
- Wildnote is a cloud based service running on Heroku, which sits on top of the Amazon Web Services (AWS) infrastructure, and therefore adheres to the AWS standard agreement.
- All traffic to the web and mobile apps is sent over a 256-bit secure SSL encryption.
Wildnote mobile apps for iOS and Android are completely native, built using Swift and Java respectively.