English
Français
Deutsch
Português do Brasil
Español
LoginTry Pipedrive

Knowledge Base/Privacy and Security/Security Features/Security Features in ...

Security Features in Pipedrive

JT
Jenny Takahara, February 19, 2021

Pipedrive offers numerous security-related features to give you full transparency of how and when your data is being accessed. 

Sections

1: Permission and Visibility settings

2: 2FA: Two-factor authentication

3: Single sign-on (SSO)

4: Security Dashboard 

5: Security Rules 

6: Security Alerts 

Permission and Visibility settings

Permission Sets 
Admin users can set up Permission Sets to control what other users can do in Pipedrive, such as deleting deals or editing custom fields. You can see the full list of actions that can be controlled via Permission sets in this article. The number of permission sets you have depends on the plan you are on. 

  • Essential and Advanced plans
    Two permission sets: 'regular users' and 'admin users'.
  • Professional plan
    Regular and admin users sets, plus one additional customizable permission set called 'managers'.
  • Enterprise plan
    The above three groups, plus the ability to create additional custom permission sets. 


Visibility Groups
While Permission sets control what users can do in Pipedrive, Visibility groups control what deals, contacts, and products users can see. Creating visibility groups is useful if you want certain users to not see specific information in your company account. The number of visibility groups you have also depends on the plan you are on. 

  • Essential and Advanced plans
    Two visibility groups: the item's owners & followers, or to the entire company. 
  • Professional or Enterprise plans
    Four visibility groups: item's owner only, owner's visibility group, owner's visibility group and sub-groups, or to the entire company. 

2FA: Two-factor authentication 

The 2FA feature adds an extra layer of security to confirm that the user trying to log into Pipedrive is actually who they say they are. 

When 2FA is enabled, logging into Pipedrive will prompt an email to be sent to the email address you use to log into Pipedrive. This email will contain information about the login attempt as well as a verification link that will allow you access to your Pipedrive account. 

Single sign-on (SSO) 

Many large companies use a third-party SSO service such as Okta and Azure AD to allow users to securely authenticate and log into multiple applications with just one set of login credentials. 

Pipedrive's Single sign-on feature will allow you to add Pipedrive to the SSO provider your company has set up, allowing for a stress-free Pipedrive login experience for users and a more secure way of for administrators to control user access. 

Security Dashboard

The Security Dashboard feature will provide full-transparency of user access information and security-related activity that occurs in your company account. 

  • User access and device logs
    Which users are accessing your account and any additional login information such as device, location, and login time.
  • Audit log
    A log of all of the security-related changes made in your company account by any user in the past two months. 
  • Security Assessment
    A report on what Pipedrive believes are potential security vulnerabilities in your Pipedrive company account, based on current access and permission related user settings.

  

Security Rules

With the Security Rules feature, admin users of a Pipedrive company account can enforce access restrictions to ensure that business data is only available to the right people at the right place and time.

  • 2FA: Two-factor authentication
    Enforce 2FA for all users.
  • Password rules 
    Enforce password related rules such as password strength, password expiration, and password reuse.
  • IP address and time range access
    The advanced rules section of the Security Rules feature will allow you to limit user access by IP address and time range. 

Security Alerts 

The Security Alerts feature will allow admins users to set up email notifications according to security-related events that occur in the company account. The alerts can be configured to send out in live time or in regular daily or weekly intervals. 

  • Account access alerts
    Email alert sent when any user access related activity occurs, such as user logs in from a new device, user logs in from new location, etc. 
  • Data leakage and loss 
    Email alert sent when data is exported or deleted from Pipedrive. 
  • Audit log 
    All security alerts can be tracked in the Security Dashboard under the audit log. 
Was this article helpful?

Yes

No

Related articles

Got any questions?

Contact us