Skip to main content

Category: CRM & Sales

Secure Gong browsing

Secure Gong browsing means protecting revenue teams from link-driven phishing and keeping call recordings and customer context safe from session compromise.

Quick answer

Legba can isolate browser sessions while your team uses Gong.

Sales tools are link-heavy and often connected to inbound email and outreach. Isolation helps reduce exposure from external links and downloads that reach Gong users.

This page does not imply an official integration with Gong—it’s a guide to securing browser workflows around the app.

When you need this

  • Your team uses Gong in a browser every day.
  • You want to reduce phishing, malicious downloads, and session theft without slowing users down.
  • You need role-based policies for employees, admins, and contractors.

Last updated

2026-01-29

Common browser risks

  • Phishing that impersonates Gong notifications, recordings, or “shared call” links.
  • External links inside notes or shared resources that route users to malicious destinations.
  • Session hijacking and token theft leading to access to customer recordings and analysis.
  • Data leakage from copying sensitive customer details into untrusted tools or AI prompts.
  • Downloading call assets or exports from untrusted contexts without scanning.

Typical sensitive data in Gong

  • Call recordings and transcripts (often sensitive).
  • Customer contact information and meeting notes.
  • Deal context and sales enablement content.
  • Links to connected CRMs and calendars.
  • Exports and analytics reports.
  • User access and permission settings.

Recommended policies by role

Sales

  • Open unexpected “recording” links in isolation and verify the sender through a second channel.
  • Avoid downloading exports or attachments from unknown sources without scanning.
  • Don’t paste sensitive customer details into untrusted web tools or AI prompts while Gong is open.

IT Admins

  • Enforce strong auth and session controls; require re-auth for sensitive exports where possible.
  • Isolate unknown external links opened from Gong notifications and shared resources.
  • Restrict browser extensions and risky permissions across revenue teams.

Security

  • Monitor for unusual export patterns and suspicious logins.
  • Use isolation for investigating suspicious “shared recording” landing pages.
  • Apply stricter policies for high-risk roles that access broad customer data.
See Legba for Chrome

FAQs

Are shared recordings a common lure?

Yes. “A call was shared with you” is a believable prompt and often used in phishing campaigns across collaboration tools.

What’s the biggest risk to revenue teams?

Phishing and session theft leading to access to sensitive customer context and exports.

Does isolation change Gong functionality?

No. It changes where untrusted web content runs when users follow risky links or browse unknown destinations.

How do we reduce data leakage to AI tools?

Add policies that prevent sensitive customer details from being pasted into unapproved AI prompts and use isolation for untrusted web apps.

References

Keep exploring

All guides
Threats, secure apps, and AI security pages.
All secure app guides
Browse apps by category.
Browser threats
Understand threats and mitigation patterns.
AI security guides
Prevent AI prompt leakage and prompt injection.