Security & data residency

Your data is processed where it already lives — inside your firewall.

ForecastGuard runs as a native Salesforce experience, but the data-quality and master-data compute happens on a Secure Agent inside your own infrastructure. Your CRM data is never sent to a Pacific Data Integrators–hosted cloud.

The architecture

Native experience, in-perimeter processing.

ForecastGuard splits cleanly into two layers: the interface you use, which lives natively in Salesforce, and the engine that does the work, which runs on a Secure Agent you host.

Inside your firewall / your environment
Salesforce Sales Cloud — ForecastGuard UIBuilt on Lightning Web Components. Stewards and leaders work inside the org they already use.
▲   reads & writes records within your environment   ▲
🖥️
ForecastGuard Secure Agent (Windows or Linux)Runs the profiling, golden-record matching, and remediation compute. You provision it; it stays in your perimeter.
🗄️
Your CRM dataProfiled and remediated in place. Processing happens behind your firewall, on infrastructure you control.
No PDI-hosted data cloud. ForecastGuard does not copy your Leads, Contacts, Accounts, Opportunities or Cases to a Pacific Data Integrators–operated cloud service to do its work.
What this means for you

Three principles we hold to.

🛡️

Data stays in your perimeter

The Secure Agent runs inside your firewall. Your CRM data is processed on infrastructure you own and control, not shipped to a third-party cloud.

No new attack surface to learn

The experience is native Salesforce. Your existing org security, profiles, and permissions govern who can see and remediate records.

↩️

Every remediation is reversible

Steward actions — including merges — can be unwound, by cluster or in full. Changes to your data are auditable and undoable, not one-way.

Straight answers

What ForecastGuard does

  • Runs its interface natively inside Salesforce on Lightning Web Components.
  • Processes data on a Secure Agent that you host on Windows or Linux, inside your firewall.
  • Keeps your CRM data within your own environment — no vendor-hosted data cloud.
  • Honors your existing Salesforce permissions and sharing model.
  • Makes steward remediation auditable and reversible by cluster or in full.

What we will not claim

  • We do not claim ForecastGuard is listed on the Salesforce AppExchange or has completed AppExchange security review. It is provisioned with PDI.
  • We do not claim "data never leaves Salesforce." Processing happens on a Secure Agent — data leaves Salesforce for that agent, but stays inside your environment.
  • We do not list compliance certifications (such as SOC 2 or ISO 27001) we have not completed. Ask us directly about current attestation status and we will tell you where things genuinely stand.

We would rather earn trust with an accurate description than a flattering one. For your security review, PDI will provide a deployment and data-flow document for your team.

Bring your security team into the room.

We will walk your security and RevOps teams through the deployment model, the Secure Agent footprint, and the data-flow diagram — before anything touches your org.

Request the data-flow document Run a free Dirty Data Index scan