This is part 1 of a 3-part blog series on CRM best practices. In this post we provide a technical overview of backup, security, and support.

Part 2: Data integrity

Part 3: User adoption

Data integrity is key to a good CRM user experience.

Insightly continues to go the extra mile to build product features designed around data security, protection and permissions.

Significant Insightly CRM updates (2016-2017):

  • SOC2 Type 2 compliant
  • EU-U.S. Privacy Shield compliant
  • TRUSTed Apps Data Privacy certified for G Suite
  • SAML-based Single Sign-On (SSO)
  • Recycle Bin
  • API v2.2
  • Advanced Permissions
  • Smart Merge
  • Duplicate Detection
  • Bulk Import Update

Version History & Backups

Insightly has passed a major data provider audit and is now SOC2 Type 2 compliant. Plus, Insightly offers a Recycling Bin feature to restore deleted records from the past 30 days. In a recent release, Insightly now also tracks the opportunity change history and displays a full audit log of what was changed and by who within the opportunity record. See information like who updated the forecasted Close date and when the change was made.

In Insightly, there are three main ways to backup your data.

  • API v2.2 allows you to get almost all of your data with the exception of some system & user settings. While API v2.2 requires programming work, there is an automated backup service that connects to the API called recently updated their software to get all available Insightly data and settings backed up to a storage service of your choice every 10 minutes. Lastly, you should take into account how many API calls you are making per day. The daily API throttling limits vary depending on your plan.
  • Data Exports give you most of your data in the form of XML files. Some objects, related links between objects, and fields are not available or may be incomplete.
  • Reports will help complement the Data Export, but unfortunately both tools combined, still do not offer a complete export of all the related links and fields for each object. File, Event, Task, Project, and Opportunity History Reports will offer the most significant amount of information not found in the data export.

Here is a chart showing a general view on the availability of objects and settings objects from each source:

(Click here for more up-to-date information)

Get the data you need and backup your data often. In the event of a cyber attack, user error, or audit, all versions of your data will be physically in your hands.

Interested in automated data backup with

Use coupon code CLREFERRALSCOM when signing up for 10% off first month’s subscription.

Advanced Security

As of September 6th, 2017, Insightly only had Single Sign-On (SSO) access with Google G Suite. Today, users can have SSO access to Insightly via their Microsoft Azure AD panel, Office 365 portal, and/or identity provider (IdP).

Google G Suite & Microsoft Azure AD both complement Insightly with these 10 advanced security features:

  • SAML-based SSO Compatibility*
  • OAuth SSO Compatibility
  • Two-factor Authentication (2FA)
  • Self-service Password Reset
  • Restrictions Reusing Expired Passwords
  • Required Password Length
  • Monitor Password Strength
  • Risky User Sign-in & Activity Alerts
  • User Sign-in Audit Reports
  • Session Timeout

*Insightly offers SAML-based SSO compatibility only on the Enterprise plan and is compatible with all IdPs that support SAML.

Whether or not you integrate Insightly with Google G Suite, Microsoft Azure AD, or an IdP like OneLogin, reset your password(s) at least once every 90 days. This will automatically increase your security level.

User Permissions

Insightly has two ways of managing user permissions: Simple & Advanced. Both features do a great deal to protect customer data.

Insightly’s Advanced Permission feature does not currently apply on files uploaded directly to Insightly. However, if you wish to put in place that extra level of control, use one of Insightly’s native-integration services like Dropbox or Google Drive. By storing Google Drive, OneDrive or DropBox rather than directly in Insightly.

While advanced permissions helps protect your data, permissions may deactivate the duplicate detection feature when creating or updating records. This only happens when the user creating or updating the record does not have visibility permissions to the possible matched record(s). The only way to clean up the duplicates is to merge the records.

Stay tuned for Part 2 of “5 Best Practices for Insightly CRM” where we provide more helpful tips and insights on deduplication best practices!

To be continued…