TRUSTED TECHNOLOGY Causia Security
Protecting your complaints management data with Salesforce’s accredited security technology
.png?width=800&height=450&name=Untitled%20design%20(4).png "Untitled design (4)")
Causia’s flagship product, Complaints Pro, is developed on the reliable Salesforce platform. It leverages Salesforce’s advanced security architecture to deliver protection across every layer, from infrastructure and hosting to user access and application data. All Complaints Pro data is securely stored in Salesforce’s accredited data centre, ensuring reliability and compliance with recognised global security standards.
Causia is committed to maintaining strong, end-to-end security across hybrid and remote working environments. When users access Complaints Pro through a Salesforce-backed browser, Transport Layer Security (TLS) technology protects all data with server authentication and advanced encryption. Rest assured your information remains safe, private and accessible only to authorised users in your organisation.
Data Centre Summary
All Complaints Pro data is stored, hosted, and backed up in Salesforce’s secure data centre located in Australia. The facility is designed to deliver high levels of system security, performance, and availability.
Salesforce’s data centre is regularly reviewed and audited to ensure compliance with a range of recognised industry standards, including:
- ISO 27001 and ISO 27017
- PCI DSS
- SOC 1, SOC 2, and SOC 3
- Sarbanes-Oxley (SOX)
- FedRAMP High
Learn more about Salesforce’s accreditations here.
Site Security Controls
Salesforce’s ISO 27001- and FISMA-certified data centre is purpose-built for secure, large-scale data operations. It is discreetly protected by secure perimeter barriers and controlled buffer zones that prevent unauthorised access.
Physical access to critical areas in Salesforce’s data centre is meticulously controlled. Authorised personnel must complete two-factor authentication several times before access is granted, while all visitors and contractors are required to present identification and are escorted by approved staff throughout their visit.
Access rights are strictly limited to employees who require them for legitimate business purposes and are revoked immediately once that need no longer applies. Detailed logging and regular audits of both physical and electronic entry points are conducted to maintain security integrity and ensure ongoing compliance.
Data Centre Power & Management
Salesforce’s data centre is designed with built-in redundancy and high service resilience, ensuring continuous operation even during electrical failures.
- Critical loads are protected by Uninterruptible Power Supply (UPS) systems.
- On-site generators provide backup power for the entire facility.
- All mechanical, electrical, and life-support systems are consistently monitored and maintained by trained data centre personnel.
Data Protection & Recovery
Complaints Pro leverages Salesforce’s proven Business Continuity (BCP) and Disaster Recovery (DR) capabilities to ensure data reliability and protection. These include geographically distributed failover systems, 24/7 global crisis management support, and secure nightly backups stored across multiple locations.
In the event of a service disruption, Salesforce can restore full databases within a defined recovery window, maintaining data integrity and platform availability.
Learn more about Salesforce’s system status and incidents here.
Authentication Security
Complaints Pro requires multi-factor authentication (MFA) for all user logins by default. Supported authentication methods include:
- Salesforce Authenticator
- Google Authenticator
- One-time passcodes
- Built-in biometric authentication such as Windows Hello™, Touch ID®, or Face ID®
Access Management
Complaints Pro offers a multi-layered access control system, enabling administrators to define user permissions with flexibility.
- Default user roles (e.g., administrators, compliance officers, and managers) determine data visibility and access levels across the platform.
- Administrators can configure access for multi-division structures or restrict visibility to specific teams.
- Administratorscan also customise configurations to provide secure access to external partners or service providers when required.
After onboarding, access to client data is fully controlled by the client. Causia’s support team can only access client data when permission is granted. Software updates are deployed through Salesforce’s push-upgrade model, which eliminates the need for direct access to client systems.
To further protect user access, Complaints Pro also allows administrators to set automatic logout time limits after periods of inactivity.
Data Encryption
All data transmitted to and from Complaints Pro is encrypted using 128-bit or 256-bit SSL (https). Salesforce enforces the use of TLS 1.2 or higher for all secure connections. Stored data on physical devices or servers is also encrypted. Please contact one of our complaints and quality experts for more information.
Product Development Standards
Complaints Pro conforms to Salesforce’s secure development standards, which incorporate OWASP security principles. This ensures that Complaints Pro is developed without third-party libraries or dependencies that could introduce security vulnerabilities. Our platform undergoes static code analysis using Checkmarx before each release and is subject to independent annual penetration testing by security specialists. Test results are available upon client request.
Access