🔒 Is My Data Safe?

Coefficient understands the need to keep your data safe and protected. We have several security measures in place to protect you and your data.

Managing Connected Sources

Existing Connections: Manage your existing connections with ease – Click on an existing connection to determine the authentication credentials being used. Click on the >>> in the top right to rename the connection or reload

New Connections: Easily add a new connection from the connected sources page using your authentication credentials for the system you would like to connect.

Admin Panel

Coefficient users on the team and Enterprise Plans have access to the Admin Panel. This allows admins to manage imports, runs, users, and the ability to import into the current spreadsheet.

  • Managing Imports: This gives the admin visibility into the target spreadsheet, import name, import creator, source system, last run, run status and whether it’s scheduled.
  • Managing Runs: This gives the admin visibility into recent runs and the status of those runs.
  • Managing Users: This gives the admin the ability to manage users and their associated imports.
  • Import Into Current Spreadsheet: This gives the admin the ability to export data to the current spreadsheet for deeper analysis.

Infrastructure Security

The Coefficient application is hosted on established cloud hosting providers. We follow cloud security best practices to prevent unauthorized access to our systems and to protect customer data.

Coefficient’s backend infrastructure is hosted on AWS. Inbound traffic is restricted to our external-facing Application Load Balancers (ALB). Individual system components, such as application servers, caching servers, and database servers, are deployed in an isolated Virtual Private Cloud (VPC). We use security groups heavily to ensure that individual system components within our VPC are inaccessible from the public internet.

The front-end interface of the Coefficient application is a Google Sheets Add-on, which users install from the G Suite Marketplace. As is the case for all G Suite Add-ons, the Coefficient Google Sheets Add-on is hosted on Google’s Apps Script servers.

The Coefficient Add-on communicates with our backend systems by making [REST API]. calls from Google Apps Script and standard in-browser JavaScript. All externally accessible endpoints in Coefficient’s production environment are HTTPS-only (TLSv1.2+).

Authentication

Customers authenticate with Coefficient via Google’s OAuth mechanism. The Coefficient Google Sheets Add-on attaches the Google-issued OAuth token on each API request to our backend systems. Our API servers then validate this OAuth token by making a request to Google’s OAuth servers. This authentication scheme allows us to identify and authenticate a user without needing a separate Coefficient username/password. (Easy peasy lemon squeezy!🍋)

Data Security

Coefficient sits on top of your data source systems. When the Coefficient application extracts data on your behalf, our servers make live API calls to your cloud data sources (e.g. Salesforce) and perform live queries directly against your databases. We never store copies of your source data on our servers.

In our databases, we store only the necessary metadata about your source systems that allows the Coefficient application to import your source data into your Google Sheets documents. When a user is configuring or running a data import, some data might be temporarily cached, but only for the duration required to complete the desired operation.

We also take great care to never record customer data and credentials in our production server logs. In the event that we detect sensitive customer information in our logs, we will expunge all offending log records immediately.

Source System Credentials

Access credentials to our customer’s data sources, such as OAuth tokens, API keys, and passwords, are encrypted at REST, with decryption keys stored in the AWS Key Management Service (KMS). The Coefficient application uses these access credentials for the sole purpose of extracting data into Google Sheets documents on a user’s behalf.

Occasionally, when a customer reports an issue with the Coefficient application, we might deem it helpful to use their data source access credentials for troubleshooting purposes. If so, our support and engineering teams will first request explicit approval from the appropriate contact(s) within the customer’s organization (i.e. the individual or team responsible for managing data access controls for the source system in question).

Request to Delete My Data from Coefficient

If a customer requests that their data be removed from our databases there are a few steps involved:

  1. Formal request needs to be submitted to Coefficient via email.
  2. Coefficient will attempt to verify the owner of the data by sending a confirmation email. If you are not the owner of the data – we will need the owner to provide the formal request.
  3. Once confirmed, Coefficient will delete the requested data from our production systems.

NOTE: Once the data is deleted we cannot recover it again, so please make a backup/ save your data prior to submitting your request.

If you have further concerns or questions about data security, please reach out to Coefficient at support@coefficient.io and we will be happy to discuss further.