Security & Trust

Architected for Security. Your data and users stay in Salesforce.

100% native to Salesforce. No external data storage. No API keys to manage. Your data, your permissions, your security boundary.

Last updated March 15, 2026

Schedule a Call Download Security Statement
Architecture

Built inside Salesforce, not connected to it.

SALESFORCE SECURITY BOUNDARY AKOONU RevWorks Platform Powering how Revenue Works SALESFORCE FOUNDATIONS Sales Cloud CRM, Opportunities, Pipeline, Activity Tracking Salesforce Forecasts Native Forecasting Setup and Engine Agentforce LLM Models, Agents, Trust Layer SALESFORCE PLATFORM Data and Objects Standard and Custom Objects Configuration Territories, Roles, Fiscal Periods Customization Custom Fields, Sales Stages Security Profiles, Permission Sets, Sharing No data leaves this boundary. No external database. No sync.

No external data storage

Akoonu reads and displays Salesforce data. It never exports, copies, or stores data outside your org. There is no Akoonu database or external cloud infrastructure.

No data sync

Akoonu operates directly on your live Salesforce data. Nothing is replicated to an external server. Nothing leaves the security boundary.

Managed package

Installed from the Salesforce AppExchange. All code runs within the Salesforce platform using Apex, LWC, and SOQL.

No API keys

No external connections or credentials to manage, rotate, or secure. Akoonu users authenticate through their standard Salesforce login.

Access Control

Your sharing rules. Your permissions. Inherited automatically.

Salesforce sharing model respected

Akoonu inherits your org's sharing rules, role hierarchy, and field-level security. Users only see what they're already authorized to see in Salesforce.

Standard permission sets

Access to Akoonu is granted through standard Salesforce permission sets. No custom security model to configure or maintain.

No elevated access required

Akoonu does not require system administrator access for end users. The managed package operates within the permissions framework you've already built.

Territory and role hierarchy support

Works with both Salesforce role hierarchies and territory management, inheriting the access structure you've configured.

AI Security

Your choice of AI processing to fit your security requirements.

Akoonu supports three AI processing modes: Customer Agentforce Mode (AI runs inside Salesforce, governed by your Salesforce agreement), Customer BYOK Mode (your OpenAI or Anthropic key, your agreement with the provider), or Akoonu-Provided AI Mode (Akoonu provides per-customer Anthropic credentials). Your admin chooses the mode that fits your security requirements.

Opt-in by default

AI Features are disabled out of the box. Customers affirmatively enable AI and select how it processes data. Disabling AI returns to the no-AI baseline.

Agentforce-compatible

Customer Agentforce Mode keeps all AI processing under your Salesforce agreement. Configure Agentforce with a Salesforce-hosted model (such as Anthropic in Agentforce) to keep inference on Salesforce infrastructure.

No training on your data

Your data is never used to train AI models. In Akoonu-Provided AI Mode, this is contractually required of our AI provider. In other modes, the AI provider's terms apply directly to you.

Configurable AI context

Admins control exactly which Salesforce objects and fields the AI can access, with detail levels from standard to detailed.

Geographic control

If geographic processing requirements matter, Customer Agentforce Mode with a Salesforce-hosted model keeps inference on Salesforce infrastructure. For other configurations, external LLMs can be configured to process in specific regions.

AI credentials stay in your org

AI provider API keys — yours in BYOK Mode, or Akoonu-provisioned per-customer in Akoonu-Provided AI Mode — are stored in your Salesforce Named Credentials. Akoonu does not hold AI provider credentials on its infrastructure. There is no Akoonu-side credential store that could be compromised.

Trust

Salesforce ISV Partner since 2017.

Security Review Passed

Passed Salesforce's mandatory security review — code quality, data handling, CRUD/FLS compliance, vulnerability testing.

8+
Years as ISV Partner

Continuous partnership since 2017, tested against every major Salesforce release.

5.0
AppExchange Rating

28 verified reviews, all 5-star. Confirmed quality and reliability from real customers.

0
Breaking Changes

Zero customer-impacting breaking changes across eight years and every Salesforce release cycle.

Data Handling

What we store. What we don't.

What Akoonu stores in your org

Configuration settings, saved views, formula definitions, submission history, AI-generated insights, and cached data for performance. All of this lives inside your Salesforce org as custom objects.

What Akoonu does NOT store

Your opportunity, account, contact, forecast, or pipeline data. Akoonu operates on this data live in Salesforce. It is never copied to an external system.

Clean uninstall

If you remove Akoonu, your Salesforce data remains completely untouched. Only Akoonu's custom objects and configuration are removed.

Operations

No maintenance burden. No integration to monitor.

No integration monitoring

Because Akoonu is native, there's no sync to monitor, no API connection to maintain, no webhook to configure.

Master scheduler

Akoonu's internal scheduler manages all Akoonu background jobs without consuming your Salesforce scheduled Apex capacity.

Job monitoring

Full visibility into all background automation jobs — status, last run, errors — from the Akoonu Setup tab.

Field mirroring

When formula fields need to be used in forecasting types, Akoonu provides a mirroring tool to sync values to static fields without external processes.

Compliance

Built on Salesforce's world-class security infrastructure.

Salesforce platform security

Salesforce maintains SOC 2 Type II, ISO 27001, GDPR, HIPAA, and FedRAMP certifications. Your data is protected by enterprise-grade encryption, network security, and continuous monitoring.

Salesforce Trust & Security

Akoonu application security

Akoonu has passed the AppExchange security review — CRUD/FLS compliance, vulnerability testing, and code quality analysis. No data is stored outside your Salesforce org. No additional data residency requirements.

Your security controls

You maintain full control through Salesforce's native security tools — profiles, permission sets, sharing rules, field-level security, audit trails, and session management. Akoonu inherits every control you've configured.

FAQ

Commonly asked questions.

Where does my data go? +

Nowhere. It stays in your Salesforce org. Akoonu never exports, copies, or stores your data externally.

Does Akoonu respect our sharing rules? +

Yes, completely. Akoonu inherits your org's sharing rules, role hierarchy, and field-level security. Users see only what Salesforce allows them to see.

What happens during Salesforce releases? +

We test against every release. ISV Partner since 2017 with zero breaking changes for customers.

What if we want to remove Akoonu? +

Clean uninstall. Your Salesforce data stays untouched. Akoonu's custom objects and configuration are removed.

Does AI training use our data? +

No. Your data is used for inference only — to generate insights and analysis for your team. It is never used to train AI models.

Do we need a separate security review? +

Most security reviews are dramatically shorter because Akoonu has no external infrastructure. Platform-level questions (data centers, hosting, network security, encryption at rest, backup) defer to Salesforce's own certifications. Akoonu has also passed the Salesforce AppExchange security review.

Can we restrict which data the AI sees? +

Yes. Admins configure exactly which Salesforce objects and fields the AI has access to, with multiple detail levels.

Can we run AI entirely within Salesforce? +

Yes, depending on configuration. Customer Agentforce Mode keeps all AI processing under your Salesforce agreement. If you configure Agentforce to use a Salesforce-hosted model (such as Anthropic in Agentforce), inference runs on Salesforce infrastructure and data does not leave the Salesforce platform. If you configure Agentforce to use an externally-hosted model accessed through the Einstein Trust Layer (such as OpenAI or Gemini), data is sent to that provider under Salesforce's contractual relationship — Akoonu has no role in that relationship.

Is data sent to external LLMs? +

Only if you enable AI Features. AI Features are off by default. In Customer Agentforce Mode, the answer depends on which model you configure Agentforce to use — Salesforce-hosted models (such as Anthropic in Agentforce) keep inference on Salesforce infrastructure, while externally-hosted models accessed through the Einstein Trust Layer (such as OpenAI or Gemini) send data to that provider under Salesforce's contractual relationship. In Customer BYOK Mode or Akoonu-Provided AI Mode, prompts containing your data are sent to OpenAI or Anthropic for processing under no-training terms, and the response comes back to your org. In every mode, prompts and outputs are stored in your Salesforce Org, not in Akoonu infrastructure.

Additional questions?

Schedule a call to discuss your specific security and compliance requirements.

Schedule a Call Download Security Statement

Trusted by revenue teams at

HoneywellThalesAvery DennisonTeamworksKOREStreetLight Data

We use cookies to understand how you use our site and improve your experience.