Olympus-Grid Security

Introduction

Olympus-Grid is an enterprise architecture platform designed to operate entirely within Salesforce’s managed package environment, ensuring the highest standards of security and compliance. This document outlines the security measures and practices implemented in Olympus-Grid to safeguard data and maintain trust for its users.

Core Security Features

1. Salesforce Managed Package

Olympus-Grid is built as a fully-contained Salesforce managed package. This architecture ensures that:

• Data Residency: All data remains within the Salesforce platform and does not leave its ecosystem.

• Platform Security: Olympus-Grid benefits from Salesforce’s robust, enterprise-grade security infrastructure, including Salesforce Shield (if enabled by the customer).

• Compliance: Salesforce’s certifications and compliance programs (e.g., SOC 1/2/3, GDPR, HIPAA) automatically extend to Olympus-Grid.

2. Authentication via Salesforce, Microsoft, Google, and others

• Olympus-Grid integrates directly with Salesforce.com secure authentication.

• Depending on the customer's requirements we also support logging in with the following methods

  • Microsoft OpenId

  • AWS Cognito

  • Auth0

  • Email Secure Link

  • Email One-time Password

  • SMS One-time Password

• A Salesforce public site guest user is used to establish the initial connection for guest authentication.

• This ensures:

  • Only verified accounts can access data.

  • The elimination of custom authentication schemes, relying instead on a proven, industry-standard solution.

3. Custom Apex API for Admin-Level Data Protection

• Olympus-Grid uses a custom-built API to handle data interactions.

• The API:

  • Ensures administrators have granular control over access and operations.

  • Enforces security policies directly within Salesforce.

  • Prevents unauthorized access by implementing role-based access controls.

4. Filtered Data Access

• Olympus-Grid filters data dynamically based on the authenticated user’s profile.

• This ensures:

  • Users can only access case records linked to their email address or domain.

  • No data leakage occurs across users or organizations.

5. Salesforce-Native Security Settings

• Olympus-Grid inherits and enforces all security configurations defined within the customer’s Salesforce environment, including:

  • Object-level, field-level, and record-level security.

  • Advanced encryption and monitoring provided by Salesforce Shield (if enabled).

  • Comprehensive audit logging for all user activities.

6. Data Backup and Recovery

• Salesforce’s robust data backup and recovery mechanisms ensure data integrity and availability for Olympus-Grid.

• Customers can rely on Salesforce’s native backup solutions to safeguard their data, with additional logging and monitoring built into the managed package.

7. Open Standards for Session Management

• User sessions utilize open standards, such as OpenID Connect, for secure authentication.

• Once authenticated, Olympus-Grid generates JWT (JSON Web Tokens) to establish session access for users.

• This approach provides:

  • A secure, stateless mechanism for session management.

  • Seamless integration between your authentication method and Salesforce’s session handling.

Key Benefits of Olympus-Grid Security

1. Comprehensive Data Protection:

   • Data never leaves Salesforce.

   • Strict access control and filtering mechanisms ensure data is accessible only to authorized users.

2. Enterprise-Grade Authentication:

   • Leveraging OAuth, JWT, and Microsoft OpenID ensures secure, trusted, and user-friendly login experiences.

3. Platform Security:

   • Olympus-Grid’s managed package architecture ensures compatibility with Salesforce’s security infrastructure and compliance standards.

4. Granular Access Control:

   • Custom APIs and Salesforce-native security settings provide robust controls over user access.

5. Auditability and Transparency:

   • Salesforce’s Shield and logging features ensure a full audit trail of all activities within the platform.

Conclusion

Olympus-Grid is designed to prioritize security at every level. By leveraging Salesforce’s enterprise-grade infrastructure, Microsoft OpenID standards, and custom-built APIs, Olympus-Grid ensures the highest standards of data protection, compliance, and user trust. Organizations can confidently adopt Olympus-Grid knowing their data and processes are safeguarded by industry-leading security practices.

For more information, please contact us at [email protected]