Frequently Asked Questions

How does my company get a public vendor trust report?

Please contact [email protected] if you are interested in submitting information on your company’s security posture so a report can be drafted.

Is there a way to approve access from our CRM (like Salesforce)?

Our current Salesforce integration does not allow for approvals/invitations from directly within Salesforce. However, you can approve customer access requests directly within Slack. This is a paid feature; contact your customer success manager for more information.

Can I allow customers to redline the NDA in Conveyor?

No, we have scoped our NDA to limit this to the sharing of our security documents for the purpose of evaluating Conveyor as a vendor and cannot accept redlines.

If I invite a customer to the Room, but they do not log in, does it count against my connections?

No, only customers that take action (downloading a document, viewing a knowledge base question, etc) count as an active connection.

What counts as a “connection” for the Customer Trust module?

A connection is an organization that you connect to, in order to grant access to your Room / Knowledge Base. If you grant access to multiple individuals from a single organization, that counts as only one connection. For more general pricing details and questions, please reference our pricing page here.

What do the different data classification levels in Conveyor mean?

Data classification is a technique to simplify security for your organization by reserving the most stringent controls for the most sensitive data and systems. For example, AWS might host your core data and workloads, and have all kinds of sensitive customer data and PII. You might classify it as Sensitive/Regulated and implement a corresponding access control review policy that says Sensitive/Regulated systems will be checked monthly. For more information check out the Apitble asset management guide.

What's the difference between a SaaS System and a Vendor in your Vendor Management module?

The Vendor asset type in Conveyor represents the legal entity and is associated with data like contracts (BAAs, SLAs, DPAs, etc.) and workflows like annual vendor reviews. For example, if you use AWS, Amazon is the vendor.

The SaaS System asset type in Conveyor represents the distinct service (EC2, S3, etc.) or instance of a service (main Slack account, support Slack account, etc.). SaaS Systems are associated with workflows like access control reviews and 2FA enrollment checks.

For more on vendor management, please find Aptible's vendor management guide and their asset management guide.


Did this page help you?