Sinergify Security
Published Date: 05-08-2024
Read Time:
Product Summary
Sinergify, a Salesforce and Jira connector, is a product from the house of Grazitti Interactive. Since its inception in 2016, Sinergify has come a long way and helped many companies digitally transform and build a synergistic workspace. Sinergify is the best-of-breed connector for Salesforce and Jira integration as it comes with a number of out-of-the-box features and functionalities including the integration of all standard and custom Salesforce objects with Jira products (both cloud and on-premises).
Figure (i) Integration Process
Secure Software Development Life Cycle
Sinergify’s product lifecycle includes the framework, governance, and a set of tools, checkpoints, and industry best practices that enable Sinergify to ensure business readiness throughout the product lifecycle. Product planning, release management, execution, risk management, decision making, application security check, and performance monitoring are integrated activities in the product lifecycle.
Figure (ii) Product Lifecycle Management Flow
Requirement Gathering and Analysis
In this phase, new features and their objective are decided. On-demand functionalities can also be included subjecting to feasibility. Once the requirements are finalized the SRS (Software Requirement Specification) document is created and shared with the development team.
Solution Design and Development
The development team builds the product per the SRS document. Any additions to the code base, metadata, data dictionaries, data flow diagrams, and logical diagrams will be done at this stage.
Testing
Testing takes place when development is completed and the modules are released. In this phase, the developed system undergoes functional testing, cross-browser testing, responsive testing, integration testing, and regression testing.
UAT
Beta testing is performed by the testing team. The goal of UAT is to ensure that product enhancements are working per the acceptance criteria. The documentation and training videos are also created at this level.
Deployment
The product enhancements are pushed to the AppExchange after successful UAT and upon receiving a good-to-go from the QA team.
Support
Grazitti provides full-time support to our Sinergify customers throughout the contract period post go-live. Any issues encountered with the out-of-the-box functionalities or customizations are taken care of by our professional services team at Grazitti.
Privacy by Design
Grazitti Interactive has adopted the principle of privacy by design and has all the appropriate security controls in Grazitti products. Grazitti has an information security group that works with the engineering team during product development to evaluate security and privacy risks and implement security measures/safeguards to mitigate such risks and comply with the applicable laws/standards. The use of techniques like data minimization and Pseudonymisation is also considered wherever appropriate and applicable.
Grazitti ensures that the definition and planning of all new and significantly changed systems that collect or process personal data will be subject to due consideration of privacy issues, including the completion of data protection impact assessments.
Sinergify does not collect any personal data, however, we may collect data with the usage of our product’s website, check Sinergify website privacy notice at: https://www.sinergify.com/legal/privacy-policy/
Vulnerability Management
Sinergify is built keeping salesforce securities and best practices into consideration. Every package update is passed by the salesforce security review and checkmark report (Static code analyzer) and Zap to test the integration API. Everything from permission to Apex, code quality, SOQL injections, XSS, XSRF, and JavaScript High Risk is taken care of before every release.
Sinergify Security Issues Remediation
Sinergify customers can report security issues or concerns to the Sinergify support team by filling a form on our online portal at www.sinergify.com/support-portal or by dropping an email at [email protected]. Sinergify maintains and tracks the issues identified or reported by the customers via Zoho Service Desk.
Product development, testing, or customer-triggered bugs including suspected and confirmed security gaps are documented and are resolved before the product release.
Security Certifications
Security and compliance are top priorities for Grazitti since they are fundamentals to securing data, eliminating systems vulnerabilities, and ensuring business continuity. Security is a key component in our offerings and is reflected in our people, processes, services, and products. Grazitti uses a variety of industry-standard technologies to secure data from unauthorized access, disclosure, use, and loss.
Grazitti Interactive is ISO27001:2013, ISO27701:2019, and HIPAA Certified. Grazitti Interactive has SSAE 18 SOC 1 SOC 2 Type 2 reports that demonstrate how the company achieves key compliance controls and objectives. Access for the same will be given on request after the execution of the NDA.
For a complete list of Grazitti Compliance & Certifications, please visit https://www.grazitti.com/company/security-and-compliance/