
Salesforce Security Features

The document discusses Salesforce data hosting, support, encryption, authentication, and data access details. Primary and DR sites for hosting BT data are located in the US, with support teams located near data centers. Data transmission is encrypted, while data at rest is clear text with some exceptions. Only a small number of DBAs have access to raw data due to segregation of duties.

Uploaded by

Alberto Einstein

# Question SalesForce

1 Question: Where are hosting centres located where BT data will be stored, including DR and backup sites (need to prove data will not be moved)

SalesForce: Primary and DR sites are currently located at our data centres in the USA. Locations may include California, Virginia or Illinois. Salesforce.com plans to open a UK based data centre in 2014, but DR environment will still be in the USA.

2 Question: Where are the support teams for the hosting centres infrastructure located and by whom (third parties etc). Is any support carried out remotely from offices, if so where?

SalesForce: Support teams are physically located near to the data centres and we only use full-time employees to maintain the production infrastructure. System administration tasks may be conducted remotely.

3 Question: Is end to end encryption available

SalesForce: Yes, network traffic is SSL encrypted to edge, clear text once past the Salesforce edge

4 Question: Who supports and administers the application on behalf of the supplier and where are they located

SalesForce: The production salesforce.com service is administered by employees of salesforce.com. These employees are located near the physical location of the data centre for which they have responsibility.

5 Question: Who on behalf of the supplier has access to data in the applications, just DBAs or other roles

SalesForce: Data is held in co-mingled application tables within the database. Only a small number of DBAs are given access to the raw data and segregation of duties ensures that these individuals do not have access to the application, making it extremely difficult for them to make sense of the data which they are able to see.

6 Question: How does BigMachines integrate with SalesForce

SalesForce: BigMachines is integrated through the Salesforce.com web services API.

7 Question: How is data exchanged between SalesForce and BigMachines

SalesForce: From within salesforce.com, buttons or links are configured to initiate a BigMachines session. The code for these buttons may pass contextual variables (such as record ID) to enable BigMachines to pass data back to the appropriate records. BigMachines will use the standard API to pass data back into salesforce.

8 Question: How will data be loaded to the application

SalesForce: Manual input, bulk upload

9 Question: If bulk upload is required what method will be used

SalesForce: DataLoader (a client tool which utilizes the salesforce web services API to bulk load data from either a flat file or another database).

10 Question: What authentication method will be used to access the application

SalesForce: Once your users are set up, you can authenticate login requests in several ways:
- with traditional username/password authentication
- federated authentication single sign-on (i.e., SAML)
- delegated authentication (e.g., LDAP)
- OAuth2

Additionally, you can configure user profiles to enforce time- and IP-based login restrictions. For auditing purposes, Force.com maintains a history of login requests.

NB. SAML currently being implemented within BT.

11 Question: What type of data encryption is available for application data

SalesForce: Specific custom fields can be secured using AES-128 encryption. Further details are available here: https://help.salesforce.com/HTViewHelpDoc?id=fields_about_encrypted_fields.htm&language=en_US

12 Question: Is data encrypted at rest and in transit

SalesForce: Data is encrypted in transit, but is held as cleartext in the database, with the exception of encrypted custom fields (see 11).

Encrypted fields are not a solution to this and the alternative is to look at reviewing with BT security regarding the risks and the current SF solution. It may be possible for the business to gain an exemption if this is acceptable to security.

13 Question: How is the BT data logically and physically segregated from other customers of the supplier

SalesForce: Salesforce.com is a multi-tenant application with customer data co-mingled at the database level. Whilst there is no physical segregation of data, logical segregation is achieved through the use of an organization ID, which uniquely identifies each customer and is used to tag every row in the database. The organization ID is used to filter results at every stage in the processing of a transaction, thus ensuring that customer data is never shared with anyone outside of the organization.

14 Question: How is user access control applied to the application and data and what audit and logging is available

SalesForce: Comprehensive role and profile based security is applied to ensure that only authorized individuals are able to see specific data items. Further information is available here: https://help.salesforce.com/apex/HTViewHelpDoc?id=security_data_access.htm&language=en_US

User login and record updates are logged for all users and records. In addition, specific fields can be flagged for detailed auditing. Further information is available here: https://help.salesforce.com/apex/HTViewHelpDoc?id=security_overview_auditing.htm&language=en_US

15 Question: How is the data stored, what operating system, web and database technology versions are used in the application.

SalesForce: Data is held in an Oracle database running on Linux operating system.

16 Question: Is the company safe harbour registered

SalesForce: Yes.

17 Question: Does the company have ISO 27001 registration

SalesForce: Yes.


18 Question: What is the data retention period and how is it controlled and applied

SalesForce: Data remains the property of the customer and will be retained in the database until either deleted by the customer or the termination of the contract. Upon termination, the data is retained for a period of 30 days before it is automatically deleted.

From a hardware perspective, end-of-life storage devices are securely erased and disposed of.

19 Question: What penetration testing has been completed that can be shared with BT, can BT complete a new test prior to any contract being signed

SalesForce: BT conducted a penetration test during the first quarter of 2013. Feedback has been provided.

20 Question: Who provides network connectivity and type of circuit for application

SalesForce: A wide range of hardware is used both to ensure availability, throughput and security across the infrastructure. All paths from the public internet through to the data are handled by multiple redundant sets of routers, switches, firewalls and load balancers. Through this topology, salesforce.com is able to eliminate bottlenecks and single points of failure within the network. In addition, the configuration is designed to meet the stringent security requirements imposed by our business and required by our customers.

1. Our data centers all reside at major internet hubs in the US and Japan, giving us access to a wide selection of networks. We are not tied to a single network provider; we can select carriers who deliver the best performance, reliability, and capacity. This design ensures that our customers will experience the shortest access and download times. Our current network providers are AboveNet, MCI/Verizon, Level 3, NTT, and Sprint/Verio. We also peer at the public switch at Equinix Exchange, with more than 20 peer networks available. Dedicated hubs are in US, APAC, and Europe and there is no single point of failure. We have carrier-level scalability. Cisco tested our network with a simulation that ran multiple gigabits of traffic (HTTP/S) and millions of sessions without problems.
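
The organization-ID tagging described in item 13 (and the co-mingled tables of item 5), sketched as an added example that is not Salesforce's code and not part of the original document: a data-access wrapper that stamps every row with the session's org ID and filters reads and writes on it. The `account` table, the `OrgScopedDB` class and the org IDs are hypothetical.

```python
import sqlite3

class OrgScopedDB:
    """Data-access layer bound to one organization ID (hypothetical design)."""

    def __init__(self, conn, org_id):
        self._conn, self._org_id = conn, org_id

    def insert_account(self, name):
        # The org_id tag comes from the authenticated session, never from the caller.
        cur = self._conn.execute(
            "INSERT INTO account (org_id, name) VALUES (?, ?)", (self._org_id, name))
        return cur.lastrowid

    def list_accounts(self):
        rows = self._conn.execute(
            "SELECT name FROM account WHERE org_id = ? ORDER BY id", (self._org_id,))
        return [r[0] for r in rows]

    def rename_account(self, account_id, new_name):
        # Writes are filtered too: another tenant's row id matches zero rows.
        cur = self._conn.execute(
            "UPDATE account SET name = ? WHERE id = ? AND org_id = ?",
            (new_name, account_id, self._org_id))
        return cur.rowcount

def raw_rows(conn):
    """What an unscoped query sees: every tenant's rows in one table."""
    return conn.execute("SELECT id, org_id, name FROM account ORDER BY id").fetchall()

def build_demo():
    # Constructed sample data; org IDs and account names are made up.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE account (id INTEGER PRIMARY KEY,"
                 " org_id TEXT NOT NULL, name TEXT NOT NULL)")
    org_a, org_b = OrgScopedDB(conn, "ORG-A"), OrgScopedDB(conn, "ORG-B")
    org_a.insert_account("Acme")
    org_b.insert_account("Bolt")
    org_a.insert_account("Apex")
    return conn, org_a, org_b

if __name__ == "__main__":
    conn, org_a, org_b = build_demo()
    print(raw_rows(conn))
    print(org_a.list_accounts(), org_b.list_accounts())
    print(org_b.rename_account(1, "changed"), org_a.rename_account(1, "Acme Ltd"))
```

The isolation holds only for queries that go through the scoped layer; `raw_rows` shows why direct database access, as in item 5, still sees every tenant's data.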
