PerfectView Update GDPR

PerfectView CRM Online now offers you the features you need to meet the requirements set by the GDPR from May 25th.

The adjustments in PerfectView include the expansion of the access security of your CRM environment. This allows you to demonstrate that you have taken the necessary measures. In addition, options have been added in the application that make it possible to export, anonymize or delete the personal details of your relations. This allows you to comply with a request for inspection or the right to be forgotten. We also created a logbook functionality. You can reduce every action in CRM from now on.

In this blog we explain the new features to you in detail.

What does this Update entail?

  1. We changed the way your password is stored and the way you can manage it.
  2. We gave you the opportunity to secure CRM Online with two-factor authentication.
  3. We gave you options to anonymise personal data of your relations, transfer them to organizational level and / or delete them.
  4. We offer you insight into the change-history of CRM Online.

Password policy

  1. We changed the way your password is stored and the way you can manage it.

Store your password

The password policy changes on a number of points. Let’s start with the way we save your password. This happens based on hashing. By saving this way we guarantee the highest level of privacy.

Complexity of your password

The complexity of passwords can be set by administrator(s). Discuss with other users and your administrator(s) what the right options are for your organization. Every user of CRM has, in view of the requirements of the GDPR, a duty to monitor the security of the system.

There are several options from which you can choose with regard to complexity.

Standard          minimum: 6 characters

Normal             minimum: 8 characters (at least a lowercase letter, uppercase letter and number)

Better                minimum: 8 characters (at least a lowercase letter, capital letter, number and sign)

Good                  minimum: 10 characters (at least a lowercase letter, capital letter, number and sign)

Best                    minimum: 12 characters (at least a lowercase letter, uppercase letter, number and sign)

The settings can be adjusted via Application settings> Access settings

As soon as an option is chosen, each user will eventually be faced with the new requirements. This will happen when his or her password expires or immediately when administrators choose to apply the changes immediately by choosing “Force password complexity”.

Setting a new password for users is as follows:

Your password gets a “security score” (in this screenshot “63”). The minimum score for the complexity is determined by the manager (s) on a scale of 1 to 100.

The options determined by the administrator are shown as requirements in the screen. This way you know exactly which conditions your password must meet.

Password age and history

This setting determines how old a password may be. For each registration, it is checked whether the password is not older than the set number of days. How many days a password is valid can be determined by the application managers themselves. Please note that the maximum is 365 days (1 year). As soon as a password expires, users will have to deal with the requirements set in the complexity of your password.

In addition to the expiration date of passwords, the degree of difference with the previous password can also be set.

Account blockade

Part of securing CRM Online is blocking your account with 3 incorrect log-in attempts within 5 minutes. As soon as this happens, you automatically receive an e-mail asking you to create a new password. Pay attention, because this immediately applies the new requirements as described in complexity of your password.

Two-factor authentication

  1. We give you the opportunity to extra secure CRM Online with two-factor authentication.

Two-factor authentication means that your account is secured in two different ways. There are three ways to approach a secure online system. Two-factor authentication combines two of the three ways.

The three existing options are:

  1. something you know (password, PIN code)
  2. Something you have (device: telephone, vpn-key)
  3. Something that you are (fingerprint, iris scan)

PerfectView CRM Online combines the first two security options. In addition to using a password, you also need a code to log in. PerfectView is linked to Google Authenticator for this The choice for two-factor authentication can be made by application managers for the entire organization or by an individual user on a personal level.

Activate two-factor authentication

Administrators can activate two-factor authentication for the entire organization via Application settings.

Users can activate two-factor authentication via Personal settings.

Scan the QR code with your smartphone or copy the text of the activation code into the Google Authenticator App. From that moment on, the Google Authenticator recognizes PerfectView.

As soon as you sign up in PerfectView, you will be asked for a two-factor authentication code. Your code is generated in the Google Authenticator app.

Validity

The validity of this code is determined by yourself and is determined per location (the IP address where you are currently located). As soon as you register via a new location, you will always be asked for a new code. The validity options are:

  • 1 hour
  • 4 hours
  • 8 o’clock
  • 1 day
  • 3 days
  • 1 week

For the Google Authenticator apps can be downloaded for iOS, Android, Windows etc.

The apps / plugins can be downloaded from:

For iOS: Google Authenticator on iTunes App Store

For Android: Google Authenticator on Google Play

For Windows Phone: Authenticator on Windows Phone App Store

For Windows 8: Google Authenticator on Windows App Store

For FireFox: GAuth Authenticator Plugin 

The right to be forgotten

  1. We give you the following (new) options:

– Anonymize a relationship

– Delete a person and all linked activities

– Delete a contact person and move linked activities to the organization.

One of the elements of the GDPR legislation is the right to be forgotten. Every person has the right to be forgotten by an organization. In order to meet this request, three rights have been added, which can be set by the functional manager per user.

Users with the appropriate rights have the following options in CRM Online:

Anonymise a relationship

You can anonymize your relationship data provided you have the rights to do so. In the contact card you perform the action “anonymize”.

You will see the following screen:

It is important that you confirm this action. Once a relationship has been anonymised, this can not be undone.

Are you sure? Then we delete the contact details of your relation. The name of your relationship will change to the Latin name of a random animal. For example, your relationship Martijn de Vries becomes Streptopelia Turtur. The profile photo of Martijn also turns into a photo of the Streptopelia Turtur.

Remove a relationship by type

This option already exists in CRM Online and remains unchanged. By choosing this option you remove the relationship as a type, for example as a member or as a contact person. All linked data (activities) remain stored in CRM Online.

In the contact card you perform the action “delete”.

You will see the following screen:

Choose the option> Delete a relationship without activities

Remove the contact person and move all linked activities to the organization

This option is new in CRM Online. By choosing this option you delete the details of your contact (please note: Only possible for the type: contact person) and move all linked activities to the organization.

A screen appears in which you see several options:

Choose the option> Delete person and move activities to organisation

You will see the following screen:

It is important that you confirm this action. Once a relationship has been deleted, this can not be undone.

Delete a person and all linked data (regardless of type)

This option is also new in CRM Online. By choosing this option you remove the data from your relation in totality. In the contact card you perform the action “delete”.

A screen appears in which you see several options:

You will see the following screen:

It is important that you confirm this action. Once a relationship has been deleted, this can not be undone.

Logbook

  1. We offer you insight into the change history of CRM Online

Administrators see via Application settings> Authorization log which actions have been carried out in CRM Online. Actions taken by a user are recorded in this log. It is an overview of the change history in: roles, list boxes, display and queues.

You see the date on which an action took place, which user performed this action and which action was taken. You can export this logbook for further investigation. It is not possible to change this data.