Security
Squivr is 100% native to
the Salesforce platform
Squivr’s Application:
Is fully native to Salesforce, leveraging the robust security controls inherent to the Salesforce platform to mitigate web application vulnerabilities. Salesforce employs a multi-layered security framework that includes protection against common classes of web application vulnerabilities such as injection attacks, cross-site scripting (XSS), and cross-site request forgery (CSRF).
Key Salesforce-native security measures include:
Web Application Security Frameworks: Salesforce provides built-in protections such as security-aware API endpoints, content security policies, and strict data validation mechanisms.
Platform Integrity: Salesforce uses a web application firewall (WAF) as part of its infrastructure to detect and block malicious web traffic, providing additional protection against web vulnerabilities.
Data Access Controls: Role-based access control (RBAC) and multi-factor authentication (MFA) ensure secure user access and protect against unauthorized data exposure.
By building exclusively on the Salesforce platform, Squivr benefits from Salesforce’s continuous updates, compliance with industry standards, and active threat monitoring, ensuring strong mitigation of web application vulnerabilities.
Salesforce Security
Your data never leaves the Salesforce Platform. Squivr uses the same granular security and sharing setting that Salesforce provides.
Privacy & Compliance
The Squivr application is listed publicly and is compliant with the same privacy and compliance requirements as Salesforce at https://compliance.salesforce.com/en.
Lightning Design System
Using the lightning design allows for quick adoption as Squivr looks and feels like native Salesforce.
Security
Squivr is Salesforce Native. The same security mechanism you trust with Salesforce drive Squivr.
Trust
Squivr must follow all of Salesforce best practices and security policies.
Availability
Squivr has the same availability as your salesforce instance. In addition, Squivr is an ISV partner of Salesforce and follows standards, policies, and best practices listed at https://trust.salesforce.com/en/.
Permission, Logs & Access
Your salesforce administrator controls the permissions, logging, and access to the Squivr Application through Salesforce functionality.
Security Document .PDF
A key pillar of Squivr’s software security is our Salesforce-native architecture, which provides a strong foundation for data protection, compliance, and trust. Since our solution operates entirely within the Salesforce platform, PowerSchool data never leaves your Salesforce environment.
This means:
No external hosting or data replication: All data remains under your direct control within the Salesforce instance you already manage and trust.
Inherited security controls: Squivr leverages Salesforce’s enterprise-grade security, including physical infrastructure protections, encryption at rest and in transit, identity and access management, and continuous compliance with frameworks such as SOC 2, ISO 27001, and FedRAMP (for Government Cloud deployments).
No third-party integrations required for core functionality, reducing exposure and simplifying your risk surface.
Role-based access and native sharing rules ensure that Squivr respects and reinforces your existing Salesforce security model.
Auditability: Since all activity remains within Salesforce, admins maintain full visibility and control using standard Salesforce audit logs, permission sets, and admin tools.
By building directly within Salesforce, Squivr avoids many of the data handling risks associated with external SaaS platforms. This architecture not only reduces security overhead but also helps streamline compliance for organizations that require strict governance over data and operational systems.
Data never leaves Salesforce
No third party web services
No client downloads or plug-ins
Squivr is 100% Salesforce Native
Your data never leaves the Salesforce Platform.
Squivr uses the same granular security and sharing setting that Salesforce provides.