At SyncEzy, we understand that security is a top priority when integrating business-critical applications. One common concern is the level of access required by our Procore-SharePoint integration and how we mitigate risks while maintaining seamless synchronization. This article aims to clarify key security measures, access controls, and safeguards we have implemented to ensure the highest level of protection for your data.

How Does SyncEzy Handle SharePoint Permissions?

A major security concern is the level of access our integration requires. SyncEzy does not require access to your entire SharePoint environment—instead, we offer structured access solutions to minimize exposure while ensuring smooth data synchronization.

1. Scoped Access to a Single Site or Subsite

Our integration can be restricted to a single SharePoint site or subsite instead of granting access across your entire SharePoint environment.

• If your organization operates within a single SharePoint site, we recommend creating a dedicated subsite or Teams channel specifically for the integration.
• The SyncEzy service user will be granted access only to this subsite, ensuring that your primary SharePoint structure remains isolated from integration-related activities.

2. Shortcut-Based Access Control

For organizations that prefer even stricter access control, SharePoint shortcuts offer a flexible way to manage permissions:

• Files can be stored in a secure location outside of the integration’s reach.
• SharePoint shortcuts can then be used to link only specific folders to the subsite that SyncEzy is syncing with.
• This approach minimizes exposure while maintaining efficient data access.

3. Why Does SyncEzy Require Site-Level Access?

• Microsoft’s webhook subscription model requires site-level access to track real-time file changes in SharePoint.
• While folder-level permissions might seem like a preferred solution, SharePoint permissions are primarily managed at the site level for webhook-based integrations.
• We continue to evaluate improvements, but at this time, site-level access is essential for real-time sync operations.

What Security Measures Does SyncEzy Have in Place?

Security risks, including unauthorized data deletion or compromise, are a primary concern. SyncEzy follows industry-leading security standards to protect user data and maintain compliance.

1. Industry-Leading Compliance & Security Standards

• SOC 2 Type 2 Certified – SyncEzy meets the same industry security standards as Procore, ensuring enterprise-grade data protection, access control, and logging.
• Enterprise-Approved Security – Our security policies have been vetted and approved by large global enterprises such as Tesla, LG, public utilities, and Fortune 100 companies.
• Azure Marketplace & Procore Marketplace Listings – Our presence on Microsoft Azure Marketplace and Procore Marketplace demonstrates our commitment to security and compliance.
  

2. Authentication & Access Controls

• OAuth 2.0 Authentication – SyncEzy uses OAuth 2.0 for Procore authentication, eliminating the need for storing persistent passwords.
• Federated Login Support – Our system supports Microsoft’s Single Sign-On (SSO)  & Google SSO, enabling secure authentication while aligning with your organization’s security policies.
  

What Happens If Files Are Deleted Accidentally?

SyncEzy has implemented several deletion safeguards to prevent accidental or malicious data loss.

1. Delete Confirmation Feature – Ensuring Controlled Deletion

To add an extra layer of security, SyncEzy includes a Delete Confirmation feature that prevents unintentional deletions.

• Every file deletion requires explicit approval before being processed.
  
• The system sends a confirmation request to an admin or designated approver.
  
• Users have to manually review and approve or reject deletions from a centralized dashboard.
  
• If approval is not granted from the portal, the deletion does not proceed, preventing unintended data loss.
• This feature allows IT teams to review deletions before they impact critical business data.

2. Mass Deletion Protection

• When a large number of files are deleted, SyncEzy automatically pauses the deletion process, if they exceed a predefined threshold.
• Users receive a daily summary of un-deleted files in this scenario, with a link to each file for review and deleted manually

3. 24-Hour Deletion Freeze

• If the deletion threshold is exceeded, all deletion actions are paused for 24 hours to prevent unintended data loss.

4. Disable Syncing of Deletes

• Organizations can completely disable deletion syncing, requiring files to be manually removed from both SharePoint and Procore.

5. Permanent Deletion Safeguards

No data is ever permanently deleted from either Procore or SharePoint through SyncEzy.

• Procore: Deleted files move to the Procore Recycle Bin, where they remain recoverable.
• SharePoint: Files are moved to your organization’s SharePoint Recycle Bin, which retains them for 30 to 90 days based on your retention policy.

How Does SyncEzy Prevent Unauthorized Access?

A major concern is the risk of an integration being compromised. SyncEzy has multiple layers of protection in place to minimize this risk:

1. Secure Server & Authentication Model

• Our servers are protected by VPN-restricted access, reducing exposure to potential attacks.
• SSO is required for AWS access, adding an extra layer of authentication security.
• AWS security policies ensure strict permission management.

2. Advanced Threat Detection & Monitoring

• Any modifications to our security logic or API requests are logged and audited for compliance.

3. Protection Against Potential Security Breaches

SyncEzy's integration is designed with multiple layers of security to safeguard against potential threats. Given the extensive security controls in place, the likelihood of such an attack is extremely low—comparable to an attack on Procore or AWS itself.

Why Trust SyncEzy?

SyncEzy is a trusted integration partner within the Procore and Microsoft ecosystems, and our security credentials speak for themselves:
✔ Top 20 Procore Marketplace apps – Four of our integrations consistently rank among the most popular Procore integrations.
✔ Microsoft Azure Marketplace listing – Demonstrates our alignment with Microsoft’s enterprise security requirements.
✔ Validated by global enterprises – Our solutions have been reviewed and approved by Fortune 100 companies, utilities, and major construction firms.

At SyncEzy, we are here for the long haul. Our commitment to security, compliance, and continuous improvement ensures that our integrations meet the highest enterprise security standards.

Security is at the core of everything we do at SyncEzy. We recognize that access control, data protection, and risk mitigation are critical factors in evaluating any integration. Our structured access options, enterprise security standards, and robust deletion safeguards ensure that our Procore-SharePoint integration remains secure, reliable, and compliant with industry best practices.

If you have any further questions about security, access controls, or compliance, feel free to reach out to our team for additional details.