CRM privacy and security
How to be on top of your CRM security
Your CRM is a goldmine of valuable and highly-sensitive customer information. Even the smallest security breach could cause irreparable damage with long-lasting effects. And, with security breaches rising by 11% since 2018 and 67% since 2014, security has never been more crucial for businesses’ livelihood. A reliable CRM must, therefore, safeguard your information and prevent it from falling into the wrong hands by upholding the highest standards of CRM security policy on all levels.
With multiple security certificates, world-class infrastructure and a host of CRM privacy and security features, from user permissions to single sign-on and two-factor authentication, Pipedrive is committed to protecting your data and keeping you informed on all levels and at all times.
Full access. No credit card required.
4.5/5
4.2/5
4.3/5
4.5/5
4.5/5
4.7/5
SOFTWARE FEATURE
Security center
Knowing how and when your company’s data is accessed and by whom is key to protecting your business information and your customers’ privacy. Your CRM security features should, therefore, cover these areas to the max. What’s more, your CRM should provide you with easy access to these features to ensure that you can monitor your security and access control independently.
Pipedrive’s security center enables you to manage all your company’s security aspects from one place, starting with its security dashboard – which gives you an overview of your security and enables you to tackle suspect user and account activities in real-time – through user access and device logs, allowing you to receive notifications about the times and locations of user logins over the last 60 days – all the way to rules and alerts designed to automate secure practices such as whitelisting IPs or setting time-restricted access.
Includes:
Visual dashboards
User access and device logs
Rules and alerts
Email notifications
SSO and 2FA
Manage user access centrally through your preferred single sign-on provider while confirming users’ identity
Visibility groups
Categorize your users into groups and sub-groups and dictate what they are allowed to see within Pipedrive
Permission sets
Customize what users can do in Pipedrive with variable user permission sets suited for different levels of user access
User access and device logs
Get notifications about the times and locations of user logins over the last 60 days to pinpoint and prevent suspicious activity
SOFTWARE FEATURE
Visibility and login protection
Your CRM security starts with the product itself. More specifically, with visibility and login protection. Managing user access empowers you to create information hierarchies that protect the data on your company's account.
For example, with Pipedrive you can use user permission sets and visibility groups to limit what users can do, see and access. You can also enhance your login security from any device with two-factor email verification or manage user access centrally through your single sign-on provider. Lastly, and to protect your account from strangers trying to log in, user accounts that enter an incorrect password three times in a row will be locked. The user then receives an email that helps them securely unlock their account.
SOFTWARE FEATURE
Organizational data management
While security on the product level is fundamental, your organizational data management must also meet certain criteria to allow businesses in different locations to comply with local and global security standards, from GDPR to ISO/IEC 27001. For that reason, it’s crucial to ensure your CRM security policies are in line with your business’s.
Pipedrive is fully committed to meeting GDPR requirements. It further encrypts your data and lets you export it, transfer it via the API or tell us to delete it. Lastly, the company employs a dedicated data protection officer who’s responsible for spearheading data protection compliance and initiatives.
SOFTWARE FEATURE
Secure infrastructure
Secure infrastructure is the last and probably the most prominent piece of your security puzzle. It’s meant to ensure your foundation is rock solid and reliable so that security on all levels can be maintained at all times.
With Pipedrive, you benefit from world-class hosting infrastructure in Rackspace and AWS, state-of-the-art encryption for all data, whether at rest or in transit over public networks and daily backups going back three months. Add this to various security certificates and you get a product that is secure from top to bottom.
Security rules
Turn on and enforce password strength requirements, password expiration and history control, two-factor authentication (2FA), IP- and time-based access restrictions for all users
Security alerts
Get instant email notifications about suspicious access to your company’s account, potential data leaks and data loss
Security management tips
Manage user access and security-related activity in your company’s account and get tips to protect your business data
GDPR compliance
Make sure your sales practices adhere to GDPR in safeguarding personal data
Join over 100,000 companies
Pipedrive shares the following information with all customers:
- Security and Privacy White Paper
- SOC 3 report
- ISO/IEC 27001:2013 certificate
- Pipedrive DPA (our legal contract detailing our commitments in regard to data protection)
Pipedrive shares the following additional information with all customers who’ve signed NDAs*:
- SOC 2 Type II report
- Security questionnaires. Pipedrive fills out questionnaires for customers who are on the Enterprise Tier
*Please reach out to your contact person/account executive for clarification or to receive the above documents.
Certificates
SOC 2
SOC 3
EU-US Data Privacy Framework
ISO/IEC 27001:2013
Focus on security features that matter
Pipedrive is designed to:
- Prevent security breaches and data leakage
- Help admins monitor all security aspects from one location
- Support custom permission sets
- Automate secure practices
- Comply with international security standards, such as GDPR
- Offer security management tips
Pipedrive CRM security policy
We at Pipedrive adhere to the following guidelines to meet the highest standards of CRM security policy:
- Customers’ data is stored in separate databases to avoid the risk of any leaks into other databases
- Pipedrive accounts are hosted in Rackspace data centers in Europe and the US by hosting providers compliant with SAS 70 type II
- All information is encrypted via secure HTTPS connections and is backed up daily through Amazon Web Services
- Pipedrive complies with GDPR and adheres to SOC 2, SOC 3, the EU-US Data Privacy Framework and ISO/IEC 27001:2013
- Pipedrive employees are regularly trained regarding security best practices and regulations
Used by over 100,000 companies in 179 countries
Sell more. Pay less. Try it free!
Full access. No credit card required.