Platform Security

We take security seriously. Every guest, host, or admin using our service expects data to be secure and confidential. We understand the importance of safeguarding it for our customers and work to maintain that trust.

Security Features

Traction Guest’s security features are designed to provide a seamless user experience and sophisticated tracking capabilities in an environment that ensures data is kept safe and compliance standards are met.

Password Policies

Traction Guest has strong password requirements in place, and passwords cannot be retrieved, only reset. Traction Guest allows for multiple administrators under the same account, preventing the sharing of passwords between multiple users.

Records

Behavioural data including all visitor inputs, date and time of sign in/out, hosts, and location can be exported to .csv format through the Traction Guest UI. Records can also be searched and filtered in the UI itself.

iPad App

The iPad app is designed to retain data in the event of a connection loss, and will sync all sign-in data upon reconnection. Visitors can still sign in on the iPad when it is offline. Traction Guest supports Guided Access mode to prevent visitors from tampering with the iPad.

Data Export

Export your sign-in data into a CSV file, including visitor details, time of entry, documents signed, and more. Use the manual export function or set up automatic exports into third-party systems by creating a custom integration using GuestConnect.

Cloud Security

Traction Guest is built on Salesforce’s Heroku cloud application platform. Heroku applies security best practices, manages platform security, and is designed to protect customers from threats by applying security controls at every layer (physical to application).
Traction Guest and its data are completely isolated and receive rapidly deployed security updates without customer interaction or service interruption.
While running on the Heroku platform, Traction Guest functions within its own insulated environment. This restrictive design prevents security and stability issues by isolating processes, memory, and the file system using LXC. Host-based firewalls restrict applications from establishing local network connections.
Uptime levels are explained on Heroku’s Policy Page and historical availability data is available on Heroku’s Status Page.

Server Security

Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilizes Amazon Web Service’s (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards.
Amazon’s data center operations have been accredited under:

Regional Data Centers

Data residency is an important consideration when choosing a cloud solution. Legal or regulatory requirements are imposed on organizations that handle sensitive personal information. Depending on the country or industry such as governmental institutions, medical industries, or education, businesses are required to store their visitor data locally. To support our international customers, Traction Guest offers the choice between a US, UK or Canadian data center. We are committed to data protection and are working on growing this list to provide the flexibility you need. Get in touch for more information.

Support Issue Priority and Timelines

Priority I

First response target within 15 min.

Fatal issues that result in a customer’s inability to fulfill critical business functions that have no reasonable work around.

Priority II

First response target within 1 hour.

Serious issues significantly impacting use of Traction products.

Priority III

First response target within 1 business day.

All other issues, eg. how-to questions, reporting issues.

Our Development Policy

We are eager to continuously release new functionality. As a cloud-based service, upgrades do not require customer involvement aside from upgrading the iPad app (if automatic updates are disabled on the iPad). Our development team uses a standardized process to ensure changes are made securely and reliably, with a focus on quality.


1 All changes begin with a pull request from a local development branch to a QA environment.

2 Before changes are merged into a QA environment, a code review is done by a senior developer.

3 The change is then tested in QA, and another run of testing in UAT.

4 Code is finally pushed from UAT to production. All code migrations occur across SSL.


New releases are typically available at least once a month. Releases include documentation, ie. release notes including videos to showcase new functionality to all customers.


Traction employees all undergo background criminal checks and sign a NDA upon hire. We do not use consultants/contractors. Traction Guest employees do not have access to customer accounts unless granted by customers.

Supported Languages

Simplified Chinese
Traditional Chinese