Data Management and Security

SOC II Type 2 certified. GDPR and HIPAA compliant. Every element of BoostTalent SX is designed to keep your data secure.

BoostTalent is certified SOC II Type 2 and compliant with GDPR.

Overview

From end to end, our processes and systems keep your data secure and maintain a track record of zero breaches or loss of data. The BoostTalent platform consists of three key elements: a lightweight data connector, a data platform, and a web portal. All three elements are hosted in a secure cloud infrastructure.

All data collection happens securely over SSL using REST APIs. The lightweight data connector connects to your ticketing system of record using the authentication token that you provide us.

No credentials are shared – you maintain complete control over what and how much data is exposed. Access is maintained in your own VPC instance using self-service OAuth.

Compliance

Security can never be technology alone. All employees and contractors are trained using comprehensive security awareness programs. Every BoostTalent employee is committed to ensuring that the data we analyze within our systems is protected in the highest regard.

SOC 2 Type II certification and GDPR compliance ensure that our policies and procedures meet your security expectations. We regularly conduct both internal and external audits and penetration tests, with complete results available by request.

Data privacy and security protocols conform to the HIPAA Security, Privacy, and Breach Notification Rules and are designed to meet your HIPAA compliance requirements.

Core Security Protocols

OAuth/
TLS 1.2+

SHA-256/RSA Encryption

VPC Instances

FIPS 104-2 Compliance

2-Factor Authentication

Access via Bastion Host

Take a deeper dive: Get the full details behind our secure architecture

Read the White Paper

Data Classification Matrix

Data Type	Sensitivity	Access	Encryption
Original ticketing data	Confidential	Designated BoostTalent employees only; third-party sync service	At rest and in transit
Internal conversations	Sensitive	Designated BoostTalent employees only	At rest and in transit
ML predictions	Sensitive	Designated BoostTalent employees only	At rest and in transit
ML annotations	Sensitive	Designated BoostTalent employees only	At rest and in transit
Product usage data	Sensitive	Designated BoostTalent employees only	In transit

Data & Security FAQ

Is my data secure during extraction?

Yes – All data is encrypted in transit using TLS 1.2 (and above).

Is my data secure in your platform?

Yes – At rest, your data is encrypted under the 256-bit Advanced Encryption Standard, and each encryption key is itself encrypted with a regularly rotated set of master keys.

Is the data integration secure?

Yes – Only you can give access to your data by inviting new users to your account or by engaging a third party and explicitly providing access to your data. This access is used to run analytics against your data, with the option to write back to your CRM using BoostTalent SX as a bidirectional solution. Via the ETL, you have the ability to grant or revoke visibility permissions and can remove access permission at any time.

Can I use SSO or Active Directory?

Yes – You can use many industry-standard SSO and Active Directory providers.

What data is collected?

The following data types are collected from your CRM system:

Case details, notes, comments, and discussions

Case requester details

Agent details

Product usage metrics

Can I delete my data from BoostTalent?

Yes – When your account is terminated, BoostTalent will mark all your data for eventual deletion. However, by request your data can be deleted within 3 business days. BoostTalent will delete the case data and send you a confirmation email within one business day.

Is data stored by BoostTalent?

Your data is only stored in your VPC instance.

BoostTalent only uses your data for generating the ML models tuned to your organization. Your data is not used to train any other models. Once the models are created the collected data is not needed, BoostTalent may store data to continuously improve your models. BoostTalent can purge any data by request.

Does BoostTalent store sensitive information like usernames and passwords?

BoostTalent does not require login details or a password to your CRM system. However to use the BoostTalent application we require that you to create an account on our platform.

There are two options for account creation: you can create individual user accounts using your email address or sign in with your existing Slack credentials. If you sign in with Slack we collect your profile information.

Elevate Your Support Experience

Reduce Customer Escalations by 40%

Speak with an Expert

Get a live demo from a BoostTalent expert

Contact

Sandbox Demo

Experience BoostTalent at
your own pace

Get a Demo

8x8 Predicts Escalations and Transforms to Proactive Support

Databricks Reduced SLA Misses by 40% and Increased CSAT

3 Steps to Get More Out of Your CRM with BoostTalent

Why Support Experience is Going to Make or Break Your Organization this Decade

Data Management and Security

Overview

Compliance