Compliance Tab

New Compliance

What Does The Compliance Tab Do?

The compliance tab is a more recent addition to the boberdoo system and provide everything you need to keep your data secure in one easy to use place. Going through the different subtabs, you have:

Data Retention Policy

If you log into your system and click on the Compliance tab, you will see exact details of which fields are marked as PII and which are marked as Sensitive/Delete with Sensitive. In general, PII is name, address, email, phone and IP address, those get cleared at 30 days. Sensitive is personal health information, financial information, account numbers and date of birth, those get cleared at 7 days. When we clear email and phone numbers we store a hashed value in boberdoo, so that way it is still possible to search for an email address and we can find the lead(s) based on that hashed email after the 30 days.

For info about data retention, please see our Secure Data Retention page.

Lead Search/Delete

The Lead Search/Delete functionality allows you to search for a specific lead and delete (clean) sensitive information associated with the lead across the system.  After a lead is cleaned, sensitive information is replaced with encrypted values and can no longer be viewed unless you are in secure mode.

  • Select Lead Search/Delete from the Compliance menu.
  • Search by Email or Primary Phone number.
  • Select the leads that you want to clean and click Start Clean.
  • You will be prompted for your password in order to access Secure Mode.
  • After the lead is cleaned, the lead will still be available, however, sensitive information and PII will no longer be available to view in the lead system.

Compliance 2

Lead Search AWS

This feature allows you to search for leads that have been exported to AWS S3 directly from your boberdoo system.

  • Select Lead Search AWS S3 from the Compliance menu.
  • You will be prompted for your Amazon login credentials.  Enter your Search User Access Key and Search User Secret Key and click Submit.
  • Select a Date Range, Lead Type, Search Field (Last Name, Email, or Primary Phone), and enter the Search Value that you are looking for. Click Search. Search results from S3 will be displayed in your boberdoo system.

This feature allows you to:

  • Display leads in the UI
  • Search by more fields
  • Search for leads that are not in boberdoo anymore
  • Use directly from your browser to AWS

Compliance 3

Block List

The Block List feature allows you to block a particular lead from entering your system.  A block can be placed on an email address or phone number.

  • Select Block List from the Compliance menu.
  • Click +Add New Email (Phone) and enter one or more values. Multiple entries must be separated by commas or a new line.
  • Click Add.
  • To find out if a particular lead is on your block list, enter the email address or phone number in the search field and click Search.
  • If the lead is on your block list, you will see when it was added and the user who added it.

Compliance 4

Secure Mode Logs

Secure Mode Logs keep track of all privileged user activity in Secure Mode. Recorded log values include the date of the activity, lead type, lead ID if applicable, IP address, user name and the action taken in the system.

  • To view the logs, selected Secure Mode Logs from the Compliance menu.
  • To search the logs for activity by a specific user, enter a user name or partial user name in the search field. (e.g. manager)

Compliance 5

Additional Security Questions

Login Security (2FA)

To ensure that logins are secure, boberdoo now has Two Factor Authentication (2FA). It is now available in all lead systems and able to be set based on the user type. 2FA will soon be required in lead systems so get a jump on that now! 2FA is now widely used as a secure way to log into your account rather than with only a password. You can verify yourself in three different ways. The verification methods are email, SMS messaging or using an authenticator app such as Google Authenticator or Microsoft Authenticator.  Set up your 2FA under Settings tab > 2FA Settings.

API Keys

In the boberdoo system API keys are decoupled from users. This allows APIs to be used for the use case instead of being tied to a user.

Lead Field Security

Different lead fields hold different bits of information, some more sensitive than others. In order to keep lead fields secure, we have a maximum day limit for PII and sensitive fields, see above. Sensitive field encryption is also used to keep sensitive information secure the second they get into a lead system. Secure mode is also used as an extra layer of security to view these sensitive fields. To activate secure mode, click the user drop down on the top right of your lead system, it is there along with settings and themes.