Trust | Gearset

The numbers

We’re proud of how many companies and Salesforce teams we’ve helped. Our users’ success metrics are anonymously tracked to show the value they deliver.

Start your free trial

0: Hours saved

$0: Productivity savings

So far, we have enabled

0: Deployments

0: Comparisons

0: Records backed up

0: Metadata items deployed

0: Records deployed

0: Unit tests

We deliver for our customers

0%: Deployment success rate

00:00:00: Support response time Source: Intercom

0%: Customer happiness Source: Intercom

We release updates over 10x per week

0: Uservoice requests delivered

0: PRs merged

0: Gearset app releases

Secure Salesforce DevOps

Built around trust

Trust is a core principle at Gearset. We understand the kind of data that users trust Salesforce with, and Gearset has been built to respect that data and that trust. We have invested a great deal of time, effort, and resources into ensuring that our users’ information is secure at all times. As a result, Gearset has been certified by external auditors to the international information security standard ISO 27001.

For more information on our security controls, contact [email protected] to request our security whitepaper. You can also visit our Whistic public profile for up-to-date versions of industry-standard documentation.

Enterprise-grade security

Data encryption

Gearset ensures metadata and data is encrypted at all times, both in transit and at rest. In transit, we use the latest SSL standards and enforce TLS 1.2 on every page. This gains us the highest SSL labs security report (SSL report). At rest, Gearset uses one of the strongest block ciphers available to encrypt your data, 256-bit Advanced Encryption Standard (AES-256). Each object is encrypted with a unique key, and a rotating master key protects each unique key.

Intrusion protection

We maintain 24/7 intrusion detection on our service, guarding against unauthorized access with logging analysis, policy monitoring, rootkit detection, and real-time alerting.

Penetration testing

Gearset undergoes regular penetration tests by CREST certified professionals. These tests probe for vulnerabilities in our application and ensure we’re always ahead of the game in keeping our security world-class. Results of our latest assessments are available upon request.

Compliance

ISO 27001

Gearset has been audited and certified to the international information security standard ISO/IEC 27001:2013. This certification demonstrates that Gearset has implemented a comprehensive, effective, and continually improving Information Security Management System. Certification involves regular audits to verify our compliance.

Data protection and privacy

Where we process personal data on behalf of our customers, we commit to do so in accordance with all applicable Data Protection Laws and Regulations, including UK GDPR and the Data Protection Act, EU GDPR, and the CCPA. For more information, see our document on how Gearset handles personal data

Secure hosting

Gearset instances and storage are hosted on Amazon Web Services (AWS), the same data centers that Salesforce and Heroku trust for their computing needs. Gearset offers hosting options in the United States, the European Union, and Australia to allow customers control over data residency. These industry-leading, secure facilities hold the following accreditations: SOC1, SOC2, SOC3, PCI DSS Level 1, ISO 27001, HIPAA and more.

These data centers are protected by the strictest security controls. Physical access to our servers is restricted to authorized personnel only. In addition to this physical security, Gearset’s services run on our own VPC (Virtual Private Cloud) inside AWS to further isolate our networks, in accordance with networking and security best practices.

Maximize your Salesforce investment

Gearset is trusted by over 2,300 teams globally.