Follow Up Boss Security Features Explained
Follow Up Boss ensures your real estate data stays secure with top-tier encryption, strict access controls, and continuous monitoring. Here's a quick overview of its key security measures:
- Data Encryption: AES-256 protects stored data, and TLS secures data during transfers.
- Access Controls: Role-based permissions and Google Single Sign-On (SSO) manage who can access what.
- Third-Party Integration Security: API connections are protected with OAuth, HTTPS, and HMAC SHA256.
- Compliance Standards: SOC 2, SOC 3, GDPR, and CCPA compliance ensure privacy and security.
- Monitoring and Response: AI-driven threat detection, regular audits, and daily backups keep your data safe.
These features work together to protect sensitive information, prevent breaches, and maintain trust. Whether you're managing leads or integrating tools, Follow Up Boss prioritizes security every step of the way.
Data Encryption Methods
Follow Up Boss ensures data security using strong encryption techniques for both storage and transfer.
AES-256 Data Storage Protection
The platform uses AES-256 encryption, a widely recognized standard in the industry. Here's why this method stands out:
- It relies on 2^256 possible key combinations, making brute-force attacks virtually impossible.
- Trusted by major providers like Google Cloud, AWS, and Oracle.
- Resistant to quantum computing threats, ensuring long-term data protection.
Even in the rare case of a security breach, any compromised data remains unreadable and unusable to unauthorized parties. This advanced storage encryption is further supported by stringent measures to secure data during transfer.
TLS Data Transfer Security
For data in transit, Follow Up Boss uses bank-grade HTTPS to secure web and mobile connections. By implementing Transport Layer Security (TLS) protocols, the platform safeguards information exchanged between users and its servers from interception. Together, these encryption layers demonstrate Follow Up Boss's dedication to maintaining the confidentiality, integrity, and availability of customer data.
User Access Controls
Follow Up Boss uses a role-based access management system designed to safeguard data while maintaining smooth operations for teams.
User Roles and Permissions
Follow Up Boss allows organizations to manage user access with clearly defined roles, each tailored with specific permissions. This ensures sensitive data remains protected while empowering team members to work efficiently.
| Role | Key Permissions |
|---|---|
| Account Owner | Full system access, billing management, ability to export contacts |
| Admin | Access to all contacts, lead deletion, and team management |
| Agent | Limited to assigned leads and basic contact management |
| Lender | Restricted to assigned leads only |
| ISA/Account Team Lead* | Oversight of teams and advanced contact management |
| Team Lead* | Management capabilities specific to their team |
*Roles available only on Platform accounts.
Admins can assign and manage these roles through the Admin > Teams section of the platform, ensuring consistent security measures across the organization. To further enhance protection, Follow Up Boss integrates streamlined authentication methods.
Google SSO Login Options
To reduce vulnerabilities tied to passwords, Follow Up Boss offers integration with Google Single Sign-On (SSO), providing a secure and efficient way to manage access.
-
Authentication Control
Google Sign-In applies to all team members, except lenders with different domain setups. With this feature, only one individual can access a specific Follow Up Boss account at any given time. -
Simplified Access Management
By removing the need for additional access codes, SSO reduces the hassle of resetting passwords, which can cost an average of $70 per incident. -
Enhanced Security Measures
Account owners can link Follow Up Boss to their company’s Google Workspace emails, enable multi-factor authentication, and monitor unusual login activity for added security.
Third-Party Integration Security
Follow Up Boss ensures the protection of data in external integrations by employing security protocols comparable to those used in the banking industry.
API Security Standards
The platform implements a range of authentication methods and encryption protocols to safeguard its API connections:
| Security Feature | Implementation Details |
|---|---|
| Authentication Methods | OAuth and Basic Authentication via API Key |
| Connection Protocol | HTTPS-only with TLS encryption |
| Request Headers | Requires X-System and X-System-Key identifiers |
| Access Control | Matches the user's login credentials for permissions |
| Embedded App Security | HMAC SHA256 signature checks |
To keep integrations secure, Follow Up Boss employs iframe sandboxing and signature verification, preventing unauthorized access. These robust API protocols are designed to support native integrations, including Ace AI, seamlessly and securely.
Ace AI Security Features
Ace AI, as a native integration within Follow Up Boss, utilizes these security measures to protect data integrity throughout the CRM system. Key features include:
- PII Protection: Implements advanced anonymization techniques for Personally Identifiable Information.
- Rate Limiting: Enforces strict limits on API requests to prevent misuse.
- Infrastructure Security: Built on a SOC-2 ready framework, ensuring compliance with enterprise-grade security standards.
"PII anonymization, strict rate-limits & SOC-2 ready infrastructure keep your Follow Up Boss data - and your clients - safe."
In addition, Follow Up Boss adopts a proactive approach to security through its Vulnerability Disclosure Policy. By collaborating with external security researchers, the platform identifies and resolves potential vulnerabilities. This dedication to security highlights Follow Up Boss's commitment to protecting data across all integrated services.
Security Standards and Regulations
Follow Up Boss prioritizes safeguarding sensitive real estate data by adhering to recognized security standards and compliance frameworks.
SOC 2 and SOC 3 Certifications
Follow Up Boss has earned both SOC 2 Type 2 and SOC 3 certifications, reflecting its commitment to robust security measures. The SOC 2 Type 2 certification evaluates the platform's controls based on five key trust service criteria:
| Trust Service Criteria | Security Measures |
|---|---|
| Security | Protecting infrastructure and preventing unauthorized access |
| Availability | Monitoring system operations and ensuring accessibility |
| Processing Integrity | Guaranteeing accurate and complete data processing |
| Confidentiality | Implementing encryption and access controls for sensitive data |
| Privacy | Establishing protocols for managing personal information |
"Generally, a service organization should look at getting a SOC report every year to ensure that there is continuous coverage by the SOC 2 reports. Coverage issues could lead to further security scrutiny by partners or clients." - Jacob Nemetz, CEO, Dash Solutions
The SOC 3 report, which provides a high-level summary of these security controls, is publicly accessible on the Follow Up Boss security page. This allows users to examine the platform's practices without exposing internal details.
Privacy Law Compliance
In addition to certifications, Follow Up Boss adheres to stringent privacy regulations, including GDPR and CCPA, through detailed data management practices:
| Compliance Area | Implementation Details |
|---|---|
| Age Restrictions | Prohibits users under 18; any submitted data is promptly deleted |
| Data Storage | Employs multi-location storage with servers in the U.S. and abroad |
| Third-Party Management | Ensures third-party providers comply with strict security guidelines |
| Legal Requirements | Maintains procedures for responding to subpoenas and court orders |
| Google API Compliance | Meets the Google API Services User Data Policy standards |
Additionally, the platform complies with other frameworks like CASA Tier 2 and PCI, reinforcing its dedication to privacy and security. This focus is especially important, considering over 15 billion records were breached in 2019.
Follow Up Boss continuously enhances its security protocols to keep pace with evolving regulatory demands and industry standards.
sbb-itb-b3b90a6
Security Monitoring Systems
Building on strong encryption and strict access controls, Follow Up Boss takes security a step further with continuous monitoring, advanced threat detection, and a rapid incident response framework.
Threat Detection Methods
Follow Up Boss employs sophisticated techniques to identify potential security risks. By using artificial intelligence, the platform analyzes patterns and behaviors in real time, ensuring any unusual activity is flagged immediately.
Here’s a breakdown of the platform's threat detection features:
| Detection Component | Security Function |
|---|---|
| AI-Driven Analysis | Identifies patterns and detects anomalies in real time |
| Behavioral Monitoring | Tracks user actions for unusual or risky behavior |
| Network Surveillance | Continuously monitors data transfers and access attempts |
| Endpoint Protection | Scans connected devices and access points in real time |
| Access Control Monitoring | Keeps track of authentication attempts and user permissions |
"By the end of the second day after the SolarWinds attack had been publicly disclosed, I had done executive updates confirming the status of where we were related to the threat. That was purely based on what we had gotten from Team Axon in the form of in-platform reports after they sweeped IOCs and confirmed that our environment was clean." - CISO, FinServ Company in the US
The importance of robust threat detection cannot be overstated, especially as insider threats surged by 67% during the remote work boom of the pandemic. To counter this, Follow Up Boss enforces strict access controls and network segmentation, minimizing the risk of attackers moving laterally within the system. When threats are detected, the platform ensures a swift and structured response.
Security Response Plan
Follow Up Boss is prepared for incidents with real-time backups (retained for 35 days), daily redundant database backups (stored for one year with separate providers), and an impressive 99.95% uptime. The platform also conducts thorough security assessments to stay ahead of threats:
| Assessment Type | Frequency | Purpose |
|---|---|---|
| Google Security Audits | Annual | Ensure compliance with Google security standards |
| Independent Security Reviews | Periodic | Validate security measures with external experts |
| Vulnerability Assessments | Ongoing | Identify and address potential weaknesses |
| Penetration Testing | Regular | Test system defenses against cyberattacks |
"Overall, the support from Hunters was phenomenal. But what was really meaningful early on in our POC was Team Axon. They were the team of professionals that identified the security incident that we had across multiple environments, and told the narrative quickly, accurately, and concisely." - John Fung, (Former) Deputy CISO, Cimpress
The urgency of a strong security response is highlighted in the 2024 Global Threat Report, which recorded the fastest eCrime breakout time at just 2 minutes and 7 seconds in 2023. To stay ahead, Follow Up Boss continuously updates its systems and reviews policies to ensure the highest security standards.
Conclusion
Follow Up Boss takes protecting sensitive real estate data seriously, implementing a range of security measures to navigate today’s challenging digital environment. These features work together to safeguard the platform and ensure swift action when needed:
| Security Component | Key Benefit |
|---|---|
| Data Encryption | Bank-level HTTPS encryption helps reduce risks, with the average data breach costing $9.36M. |
| Access Controls | Role-based permissions restrict access to sensitive information. |
| Monitoring Systems | Around-the-clock monitoring ensures threats are detected and addressed promptly. |
| Compliance Standards | Meets SOC requirements and privacy regulations to maintain trust and compliance. |
| Backup Systems | Daily redundant backups keep business operations running smoothly. |
By conducting regular independent audits, Follow Up Boss underscores its commitment to protecting data. As highlighted by industry professionals:
"REALTORS® strongly support efforts to protect consumers' sensitive personal information."
The platform’s advanced threat detection and rapid response capabilities allow real estate teams to prioritize their work without compromising security. Regular updates and comprehensive monitoring keep sensitive data safe at all times.
Integrated seamlessly into this secure system, Ace AI enhances protection while optimizing agent workflows. It ensures no lead is overlooked, all while keeping client information secure and confidential.
FAQs
How does Follow Up Boss protect user data and comply with privacy laws like GDPR and CCPA?
Follow Up Boss places a strong emphasis on keeping your data safe and ensuring compliance with privacy laws like GDPR and CCPA. They achieve this through advanced encryption, detailed user permissions, and secure integrations, offering protection at every step.
The platform also values transparency, giving users clear control over their personal data while following strict data-handling protocols. To back this up, they conduct regular security audits and stick to industry best practices, demonstrating their dedication to protecting sensitive information.
How does Follow Up Boss ensure data security during third-party integrations?
Follow Up Boss takes data security seriously, especially when it comes to third-party integrations. It uses bank-level HTTPS encryption to safeguard all connections. On top of that, daily backups are stored across multiple redundant data centers, so your information is not only secure but also readily available when you need it. The platform also undergoes annual independent audits and collaborates with experienced security researchers to promptly identify and fix any vulnerabilities. These steps are in place to keep your data safe and protected at all times.
How does Follow Up Boss protect against security threats using AI?
How Follow Up Boss Protects Your Data
Follow Up Boss uses an AI-powered threat detection system to safeguard your information. By constantly monitoring user activity, it can spot unusual patterns that might indicate a security issue. This system relies on advanced machine learning to analyze data in real-time, enabling swift detection and response to any suspicious activity.
But it doesn’t stop there. Follow Up Boss also incorporates robust data encryption and customizable user permissions to ensure that only the right people can access sensitive information. These multiple layers of security work together to reduce risks and keep your business safe from breaches.
