At Pod, we’re building the best pipeline intelligence platform for account executives. Our mission is to (A) help them manage their pipeline smarter and (B) provide a consolidated way to manage their workflow. To achieve this goal, we integrate with a variety of existing sales systems our users. We are dedicated to handling our customers’ sensitive data and adhere to best-practice standards of security and data compliance across the application.

You’ll find below a list of security measures we’ve taken to keep our users (and ourselves!) safe:

A 3rd party firm, appointed by Google, conducts a full end-to-end security audit of the Pod platform. Their assessment is based on:

The certification is renewed on a yearly basis.

When connecting to 3rd party systems (i.e., Salesforce, GSuite), we leverage their OAuth-based authentication option. This way, users will never give Pod access to their credentials (i.e., username, password). This way, we eliminate the risk that our users’ credentials get compromised (or accessed) through Pod by a malicious party. Additionally, we’re currently in the final steps of obtaining Google Verified App certification - which would add yet another feather of security & reliability to Pod’s cap. As an example, in order to connect their Salesforce or Google Suite accounts, users enter their credentials in a pop-up window controlled by the 3rd party application (i.e., Salesforce, Google). Through this service, the users then grant Pod permission to access their data.

We understand that these systems host sensitive information. When our users integrate their Salesforce or GSuite instances, we take an 'as-needed' approach to data storage to reduce any data leakage or exposure risk. We only keep the bare minimum data to (A) speed up/reduce the latency in the platform's user experience and (B) generate specific AI recommendations.

All our API requests & responses are sent and received using the HTTPS protocol (rather than HTTP), which encrypts request/response data and prevents potential man-in-the-middle attacks.

We protect user-generated data in Pod—such as tasks, documents, and preferences—by using encryption at rest, including for all backups. This ensures that, even in the rare event of a security breach, any accessed data remains encrypted and the risk of exposure is greatly reduced.

To maintain a secure and compliant environment, all employees, contractors, and third-party vendors (collectively referred to as "users") with access to sensitive information or critical systems of our application must undergo thorough background checks prior to being granted access

In order to ensure that malicious individuals aren’t able to access our application’s codebase or servers, we’ve enabled multi-factor authentication. We also implement strict user management protocols to protect user data, granting access to sensitive information only to authorized personnel based on their job roles.

To safeguard our platform and ensure uninterrupted access for our users, we utilize DDoS (Distributed Denial of Service) protection services provided by Cloudflare. This robust protection helps us detect and mitigate malicious traffic, preventing disruptions and ensuring a secure and reliable experience for all users.

In addition to the above guidelines, we ensure to stay mindful of security best practices as part of our engineering processes. For example, we use environment variables to store sensitive information (i.e., credentials, keys). Also, we only request access to the minimum required amount of information from external sources. We consistently review and upgrade our security guidelines to ensure our approach to managing customer information is in line with the best-in-class security & compliance approach.

💡 Need help? Send us a message via the in-app chat or email us at [email protected].

🤝 Want to talk to someone? Book a session with one of our specialists!