© All rights reserved, SaaSMonk, Inc
SalesMonk software is critical to your business and we take security of customer data extremely seriously. We host SalesMonk using comprehensively hardened infrastructure-as-a-service (IaaS) platforms from Amazon Web Services(AWS) and Vercel.
SalesMonk software is critical to your business and we take security of customer data extremely seriously. We host SalesMonk using comprehensively hardened infrastructure-as-a-service (IaaS) platforms from Amazon Web Services(AWS) and Vercel.
Access to SalesMonk data is restricted to authorized users that are authenticated via Auth0, a SOC 2 Type II compliant authentication provider. All identity and access management is done through this provider - user passwords are encrypted and stored securely on their servers.
SalesMonk supports permissions at a granular, per-Story level for internal users and through a number of ways for external viewers. We currently provide ways to restrict access to a verified email or domain, enforced via an email or domain whitelist/blacklist set by the creator of the Story.
SalesMonk production data is processed and stored within AWS data centers that use state-of-the-art multilayer access, alerting, and auditing measures. SalesMonk does not own any physical servers. 100% of the data is processed and kept on servers provided by AWS.
All SalesMonk servers and structured data stores use managed infrastructure services provided and secured by Amazon. Our web servers encrypt data in transit using the industry standard for HTTPS security (TLS 1.2) so that requests are protected from eavesdroppers and man-in-the-middle attacks. Our SSL certificates are 2048 bit RSA, signed with SHA256.
All persistent data is encrypted at rest using industry-standard AES-256 algorithms and entirely kept on AWS data centers.
All changes to source code are subject to automated testing and any that affect security require pre-commit code review by a qualified engineering peer that includes security, performance, and potential-for-abuse analysis.All code is deployed to a staging environment for quality assurance and automated tests must pass prior to updating production services.
SalesMonk infrastructure utilizes multiple and layered techniques for increasingly reliable uptime, including the use of load balancing and task queues. SalesMonk uses highly redundant data stores, rapid recovery infrastructure, and point-in-time backups making unintentional loss of customer data very unlikely.
All SalesMonk servers use AWS and Vercel backed infrastructure which provide load balancing, auto-scaling, and application health monitoring to ensure Stories are always running reliably.The client side application uses several techniques to ensure Stories are safe and that all requests are authentic, including using JSON-web token for managing sessions and using secure cookies.
We use Stripe for payment processing and do not store any credit card information. Stripe is a trusted, Level 1 PCI Service Provider.
Who can access content shared through SalesMonk?
You can decide. We currently provide ways to restrict access to a verified email or domain, enforced via an email or domain-wide whitelist/blacklist set by the creator of the Story. Content uploaded to your asset library is visible only to the members of your team on SalesMonk.
Do third parties have access to my information?
No, we do not give or sell customer data to any body.
Do SalesMonk employees have access to my content?
Senior engineering and support staff may access your account, with your permission, and only if it’s required for servicing your account or resolving an incident you’ve reported. However, this rarely requires viewing a document itself. The controls in place are very strict adherence to our privacy policy and a culture built from respect of our users.
