• Automate Personal Identifiable Information (PII) Removal! A step forward to securing Your sensitive business data.

    Are you thinking about automating the removal of Personal Identifiable Information (PII)? Have you ever seen sensitive data stored in the wrong place within your Sugar system (for example meeting notes), or any other internal system? Has someone…

  • Apply a "defaut" role to all new user

    Out of the box, Sugar is an optimistic solution where every new user can do everything. But, for most of my customer, this is not right. It would be nice that a custom role can be automatically defined and applied to any new user.

  • Zero-day-exploit in log4j2

    Hi All, I hope you guys are already aware of the log4j2 security vulnerability that happened over the weekend. I know ElasticSearch is using it heavily but does anyone has any idea if SugarCRM itself using it for any kind of logging? Also, what are…

  • How to disable PDF report password protection?

    Hello there, Some of our customers have strict email security measures that flag CRM-generated emails as "not secure - cannot verify" when they contain report PDFs. It appears that Sugar password protects the reports in order to prevent modification.…

  • What are the sugar supporting methods for encryption of data while at rest ?

    Hi All, I have an requirement of encryption of data while at rest. Anyone can suggest the supporting methods for doing the encryption of data while at rest ?
  • Integration Best Practices Break Out Session at SugarCon 2018

    Integration Best Practices Break Out Session at SugarCon 2018

    Hello! I'm Justin Kuehlthau ( @justinkuehlthau ), Director of the Sugar Practice at Technology Advisors ( Technology Advisors, Inc. ). This was my 8th SugarCon and this year I was lucky enough to be selected as a Sugar Scholar! I learned a lot about the…

  • Use of prepared statements in Sugar 7.9

    What are Prepared Statements? Prepared Statements , also known as parameterized statements, is a database feature that allows the same or similar queries to be executed with more efficiency and greater security. It has also been a common Sugar platform…

  • How to configure SAML SSO for Sugar

    Many customers want to configure Sugar for Single Sign On (SSO). Well Sugar supports Security Assertion Markup Language ( SAML ) so this must be easy, right? But the devil is always in the details. Each SAML identity provider behaves a little differently…

  • SugarCRM Mobile App Configurator Service now available!

    Sugar Developers now have a new tool for building upgrade safe mobile customizations that address most branding, theming, and mobile security requirements. Introducing Sugar MACS Introducing the Sugar Mobile Application Configurator Service (Sugar MACS…

  • How to perform Data Anonymization for Sugar development

    Post originally written by Emmanuel iNet. Here is another guest post from Emmanuel Dyan from the Elite SugarCRM Partner iNET Process . In it he addresses a common Sugar project requirement using an open source tool developed by iNET Process. The problem…

  • CSRF Tokens in Sugar 7.7

    What is a Cross Site Request Forgery (CSRF)? A CSRF is a type of exploit that a malicious website or attacker could employ to have a user send unauthorized commands to a website or application. It is a type of confused deputy attack against a user's web…

  • Tips for managing Sugar file permissions

    The Sugar application requires that a number of directories be writable in order to properly function. The precise directories and minimum permissions needed are covered in the Sugar Install Guide . A common practice for Sugar Developers to work around…

  • How should I encrypt data at rest with Sugarcrm?

    Hi All, Related to data security I need to encrypt data while at rest,How can I apply this ?

  • Data Security / Encryption

    Dear all, Many of my customers (SugarCRM 7.x or 8.x Pro or Ent) ask us what is the best question to secure SugarCRM data. Of course, we recommended the main "standards" security options (role/team for end user, VPN access, HTTPS, restricted access to…