What Does The Compliance Tab Do?
The compliance tab is a more recent addition to the boberdoo system and provide everything you need to keep your data secure in one easy to use place. Going through the different subtabs, you have:
Data Retention Policy
If you log into your system and click on the Compliance tab, you will see exact details of which fields are marked as PII and which are marked as Sensitive/Delete with Sensitive. In general, PII is name, address, email, phone and IP address, those get cleared at 30 days. Sensitive is personal health information, financial information, account numbers and date of birth, those get cleared at 7 days. When we clear email and phone numbers we store a hashed value in boberdoo, so that way it is still possible to search for an email address and we can find the lead(s) based on that hashed email after the 30 days.
For info about data retention, please see our Secure Data Retention page.
The Lead Search/Delete functionality allows you to search for a specific lead and delete (clean) sensitive information associated with the lead across the system. After a lead is cleaned, sensitive information is replaced with encrypted values and can no longer be viewed unless you are in secure mode.
Lead Search AWS
This feature allows you to search for leads that have been exported to AWS S3 directly from your boberdoo system.
This feature allows you to:
The Block List feature allows you to block a particular lead from entering your system. A block can be placed on an email address or phone number.
Secure Mode Logs
Secure Mode Logs keep track of all privileged user activity in Secure Mode. Recorded log values include the date of the activity, lead type, lead ID if applicable, IP address, user name and the action taken in the system.
Login Security (2FA)
To ensure that logins are secure, boberdoo now has Two Factor Authentication (2FA). It is now available in all lead systems and able to be set based on the user type. 2FA will soon be required in lead systems so get a jump on that now! 2FA is now widely used as a secure way to log into your account rather than with only a password. You can verify yourself in three different ways. The verification methods are email, SMS messaging or using an authenticator app such as Google Authenticator or Microsoft Authenticator. Set up your 2FA under Settings tab > 2FA Settings.
In the boberdoo system API keys are decoupled from users. This allows APIs to be used for the use case instead of being tied to a user.
Lead Field Security
Different lead fields hold different bits of information, some more sensitive than others. In order to keep lead fields secure, we have a maximum day limit for PII and sensitive fields, see above. Sensitive field encryption is also used to keep sensitive information secure the second they get into a lead system. Secure mode is also used as an extra layer of security to view these sensitive fields. To activate secure mode, click the user drop down on the top right of your lead system, it is there along with settings and themes.