This is part 1 of a 2 part blog series.

Part 1 provides a technical overview of backup, security and support CRM best practices.

Part 2 will provide you with guidance on managing duplicate records and bring best practices together with a worksheet to help implement processes in Insightly CRM.

Data integrity is key to a good CRM user experience.

Insightly continues to go the extra mile to build product features designed around data security, protection and permissions.

Significant Insightly CRM updates (2016-2017):


Version History & Backups

Insightly has passed a major data provider audit and is now SOC2 Type 2 compliant. Plus, Insightly offers a Recycling Bin feature to restore deleted records from the past 30 days.  In a recent release, Insightly now also tracks the opportunity change history and displays a full audit log of what was changed and by who within the opportunity record. See information like who updated the forecasted Close date and when the change was made.

In Insightly, there are three main ways to backup your data.

  1. API v2.2 allows you to get almost all of your data with the exception of some system & user settings. While API v2.2 requires programming work, there is an automated backup service that connects to the API called recently updated their software to get all available Insightly data and settings backed up to a storage service of your choice every 10 minutes. Lastly, you should take into account how many API calls you are making per day. The daily API throttling limits vary depending on your plan.
  2. Data Exports give you most of your data in the form of XML files. Some objects, related links between objects, and fields are not available or may be incomplete.
  3. Reports will help complement the Data Export, but unfortunately both tools combined, still do not offer a complete export of all the related links and fields for each object. File, Event, Task, Project, and Opportunity History Reports will offer the most significant amount of information not found in the data export.

Here is a chart showing a general view on the availability of objects and settings objects from each source:

Objects API v2.2 Data Export Reports
File Attachments
Settings API v2.2 Data Export Reports
Activity Sets
Custom Field Groups
Custom Fields
Email Accounts
Email Signatures
File Categories
Lead Assignment Rules
Lead Conversion Custom Field Mappings
Lead Sources
Lead Statuses
Opportunity Categories
Opportunity Conversion Custom Field Mappings
Opportunity State Reasons
Pipeline Stages
Project Categories
Task Categories
Team Members
Web to Contact Forms
Web to Lead Forms
Workflow Processes

(Click here for more up-to-date information)

Get the data you need and backup your data often. In the event of a cyber attack, user error, or audit, all versions of your data will be physically in your hands.

Interested in automated data backup with

Use coupon code CLREFERRALSCOM when signing up for 10% off first month’s subscription.

Advanced Security

As of September 6th, 2017, Insightly only had Single Sign-On (SSO) access with Google G Suite. Today, users can have SSO access to Insightly via their Microsoft Azure AD panel, Office 365 portal, and/or identity provider (IdP).

Google G Suite & Microsoft Azure AD both complement Insightly with these 10 advanced security features:

  1. SAML-based SSO Compatibility*
  2. OAuth SSO Compatibility
  3. Two-factor Authentication (2FA)
  4. Self-service Password Reset
  5. Restrictions Reusing Expired Passwords
  6. Required Password Length
  7. Monitor Password Strength
  8. Risky User Sign-in & Activity Alerts
  9. User Sign-in Audit Reports
  10. Session Timeout

*Insightly offers SAML-based SSO compatibility only on the Enterprise plan and is compatible with all IdPs that support SAML.

Whether or not you integrate Insightly with Google G Suite, Microsoft Azure AD, or an IdP like OneLogin, reset your password(s) at least once every 90 days. This will automatically increase your security level.

User Permissions

Insightly has two ways of managing user permissions: Simple & Advanced. Both features do a great deal to protect customer data.

Insightly’s Advanced Permission feature does not currently apply on files uploaded directly to Insightly.  However, if you wish to put in place that extra level of control, use one of Insightly’s native-integration services like Dropbox or Google Drive.  By storing Google Drive, OneDrive or DropBox rather than directly in Insightly.

While advanced permissions helps protect your data, permissions may deactivate the duplicate detection feature when creating or updating records. This only happens when the user creating or updating the record does not have visibility permissions to the possible matched record(s). The only way to clean up the duplicates is to merge the records.

Stay tuned for Part 2 of “5 Best Practices for Insightly CRM” where we provide more helpful tips and insights on deduplication best practices!

To be continued…


About the Author:  

Micah Feldkamp is an Insightly Hero and CRM consultant specializing in Insightly software implementations. Click here to see Micah’s interview with Data2CRM.