Security Overview
We take security very seriously & that is why we bring enterprise-grade security to companies of all sizes.
Below are some of security measures that we take to make your data secure & interaction seemless with Playground.
Application Security
Secure Communications
All communications use secure channels at all times, with TLS 1.2 or later and cannot be intercepted by untrusted parties.
Web Application Standards
Playground is adhered to OWASP standards giving protection from major security risks like Injection, CSRF, Clickjacking, Cross-Site Scripting (XSS) & much more.
Robust Identity Management
We use open industry standards such as OAuth and OpenID Connect to manage identity and authorisations. Playground doesn't ask for separate credentials. Instead, it allows login via popular identity providers so that users don't need to remember another set of credentials.
Data Access & Security
Data Confidentiality
Playground only store some basic information, specifically Firstname, Lastname and Email Address. This information is being used to set up users at the time of signup and also matching users at the time of login.
note
Playground doesn't store any other information from your provider or any Salesforce org
Encryption at Rest
All your data is protected at all times by AES 256-bit encryption which is the first and only publicly accessible cipher approved by the US Government for protecting top secret information.
Role Based Authorisations
A Role is a combination of permissions that is required to assign to each & every user. It helps decide what level of access that the user will have in the Playground. By default, there are the three pre-configured roles (Admin, Moderator & Contributor). New roles can be created for more granular level control according to requirements.
Miscellaneous
No Production Deployments
The application doesn't support Salesforce production environments intentionally to stop direct deployments. It should always go through the proper development/testing cycle.