DAY ONE runs on Salesforce and uses Salesforce-native identity, permissions, and auditing, so access and control are governed inside your Salesforce environment. Salesforce maintains independent security certifications and assurance reports for its platform and provides extensive documentation to support customer compliance requirements.
Security and Trust
Protection
DATA
Protection
DATA
Encryption
In transit: TLS 1.2 or higher.
At rest (optional): Salesforce Shield can be purchased to provide encryption at rest for customers who need it.
Data residency
Your data is stored on Salesforce data centres. Location depends on the region associated with your Salesforce instance, and Salesforce complies with data residency and sovereignty requirements.
Export & portability
Export using Data Export Service, Data Loader, APIs, or AppExchange tools. Migration is feasible with structured mapping of objects, fields, and relationships.
access control
Identity &
DAY ONE uses Salesforce authentication and access controls to enforce least-privilege access.
>MFA
Required for Salesforce logins.
RBAC
Permission sets and roles.
SSO
Supported via identity provider.
Session controls
Timeouts and IP restrictions.
Login monitoring
Admin visibility via login history and monitoring tools.
Backup & recovery
Salesforce automatically performs daily backups of customer data and can restore on request
in the event of data loss. Customers can also implement additional backup strategies via
Salesforce-native exports or AppExchange tools.
Reliability and performance
Uptime
Designed in alignment with Salesforce’s 99.9% uptime SLA, ensuring reliable access and minimal service interruptions for business-critical operations.
Transparency
Provides real-time system status, performance history, and incident updates through the Salesforce Trust site, enabling full visibility into platform health and reliability.
Peak usage
Enterprise-grade scalability with load balancing and real-time monitoring to ensure stable performance during peak demand.
Security answers in
one place
Request the Security Pack for certifications, controls, and the full IT, Security and
Performance FAQ.
Frequently Asked Questions
What standards do you align to?
Inherit Salesforce standards including ISO 27001, SOC 2, SOC 3, GDPR alignment, and CSA STAR.
How is data encrypted?
TLS 1.2+ in transit. Encryption at rest available via Salesforce Shield if required.
Where is data stored?
On Salesforce data centres, based on your instance region, aligned to residency and sovereignty requirements.
How do you control access?
MFA, RBAC, SSO options, session controls, and login monitoring via Salesforce.
What are your backup options?
Daily Salesforce backups with restore on request, plus optional exports and AppExchange tools.
What is your uptime commitment?
Aligned to Salesforce 99.9% uptime SLA.
Can we export our data?
Yes, via Data Export Service, Data Loader, APIs, or AppExchange tools.
Can we migrate off the platform?
Yes. Migration is feasible with structured mapping of objects, fields, and relationships.