Enterprise Grade Security and Data Protection
We take your data security and privacy very seriously. BoostUp’s platform has been built with a security first focus with SOC2 compliant highly restricted access controls, 256 bit end-to-end encryption, GDPR compliance and granular data expiration policies that customers can control.
Highly Secure Logically Partitioned Hosted Architecture
BoostUp is a security-first company in the final stages of SOC2 certification. Our logically partitioned hosted architecture isolates customer data inside our database, allows granular deletion, access control and management policies and ensures maximum security. This architecture completely isolates your data and gives you fine-grained control over data retention and deletion.
BoostUp’s cloud service is completely hosted in AWS, in data centers that reside within the United States. AWS data centers are highly secure, and are SOC1, SOC2 and SOC3 compliant. All our production and staging servers are hosted in their own Virtual Private Clouds (VPCs). We make extensive use of security groups to restrict access to these servers, enabling only the minimum level of access needed for operation.
Application and Data Security
BoostUp only allows login via Single Sign-On (SSO). SSO login is supported for Google Apps and Office365. As a result, BoostUp never stores any user passwords in our database.
The BoostUp security team encourages responsible reporting of any vulnerabilities that may be found in our site or applications. BoostUp is committed to working with security researchers to verify and address any potential vulnerabilities that are reported to us. Please refer to our Vulnerability Disclosure Policy for more details.
BoostUp.ai employs the principle of least privilege – users should only be able to access functions, data files, URLs, controllers, services, and other resources, for which they possess specific authorization. This implies protection against spoofing and elevation of privilege.
Access to sensitive records is protected, such that only authorized objects or data is accessible to each user. BoostUp.ai application uses strong random anti-CSRF tokens and correctly enforces context-sensitive authorization so as to not allow unauthorized manipulation by means of parameter tampering.
All cryptographic modules fail securely, and errors are handled in a way that does not enable oracle padding. All cryptographic algorithms used by BoostUp.ai have been validated against FIPS 140- 2. TLS is used for all connections including both external and backend connections.
All sensitive data is sent to the server in the HTTP message body or headers only. Proper certification revocation, such as Online Certificate Status Protocol (OCSP) Stapling, is enabled and configured. Only strong algorithms, ciphers, and protocols are used, through all the certificate hierarchy, including root and intermediary certificates. All data is stored at rest on EBS volumes in an encrypted form.
Malicious Input Handling
All SQL queries, HQL, OSQL, NOSQL and stored procedures, calling of stored procedures are protected and not susceptible to SQL injection. BoostUp.ai application has security controls in place to prevent LDAP injection, OS command injection, Remote File Inclusion (RFI), Local File Inclusion (LFI), XML attacks and DOM Cross-Site Scripting (XSS) attacks.
Why customers love BoostUp
BoostUp has given us greater visibility into not only our forecast but our deal health. Before BoostUp, we used spreadsheets and other systems, making this process very difficult and inaccurate. With BoostUp, we have a new level of clarity, and we’re never going back!
BoostUp has helped us SAVE several deals. It has helped us create a culture of transparency & accountability. BoostUp team is extremely responsive and the UI is fully tailored to match our business language
With BoostUp, I can inspect pipeline in 1/10th of the time and call deals 2x more accurately. Our leaders now have an excellent lens to evaluate deal risks instantly.
We can cut through pipeline BS and learn deal risks while saving 3-4 hours of my back-and-forth time every week. Risk factors are immediately actionable so my AEs can quickly prioritize at-risk deals.
The first thing you notice in BoostUp is speed. When I look at a deal in BoostUp I can start having deal strategy conversation in seconds. It gives me accurate picture instantly.
BoostUp is that always-on dashboard that gives me a complete view from emails, calls, salesforce and calendar. It’s part data consolidator, part AI investigatory, and visually tells a story.
BoostUp is a next generation sales dashboard. It is both quantitative and predictive in analyzing your team forecast and individual rep productivity, consumable by reps, management and Ops.
BoostUp allows us to get a solid grip on a large portion of the pipeline, all within the limited time that sales leaders usually have to review deals.
BoostUp gives me prospect’s point of view and how well are they engaging. That alone pays for itself.