With this integration, you will be able to:
• Detect data leakage - gain visibility into what data is being sent in Slack messages or files. You will be able to see what sensitive data employees are sharing in public and private channels, as well as over direct messages in the Bitglass portal.
• Hide sensitive data - quarantine files and messages. In Bitglass, you will be able to set up data policies that quarantine files and messages. This will hide the file or message. Once a file or message has been quarantined, you can approve the file or message and it will reappear in context, or you can keep the data hidden.
• Notify employees - employees will receive a notification whenever they send a message or file that contains sensitive data. This will help make employees more aware of the company data they share.
A paid account is required to use this integration. Contact support at firstname.lastname@example.org if you have any questions or need help.
Bitglass will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
Bitglass only stores and maintains the metadata used for logging purposes. This data is kept in active logs within the Bitglass portal for 30 days, after which it is backed up to S3 encrypted backups. These backups are stored and kept for 7 years per HIPAA compliance. Data can be deleted upon request/contract termination.
Data archiving and removal policy
Metadata (including IP location, user name, time, filenames, applications, URL, device type etc.) is stored in customer isolated encrypted archives for 7 years for compliance purposes. Customers can optionally opt out of data archival and request deletion of the data.
Cloud API file metadata is archived through backups to customer isolated encrypted stores.
Local Admin and User data, Key vaults, Encrypted Application data and metadata are archived through database backups to encrypted stores. Customers can request deletion of this data.
Data can also be deleted upon contract termination.
Bitglass utilizes AWS for media destruction and decommissioning of devices that contain data noted above. AWS procedures include a decommissioning process that is designed to prevent customer data from being exposed to unauthorized individuals. AWS uses the techniques detailed in DoD 5220.22-M (“National Industrial Security Program Operating Manual”) or NIST 800-88 (“Guidelines for Media Sanitization”) to destroy data as part of the decommissioning process. All decommissioned magnetic storage devices are degaussed and physically destroyed in accordance with industry-standard practices.
Data storage policy
Metadata (including IP location, user name, time, filenames, applications, URL, device type etc.) is stored for 30 days for logging purposes (used in Admin logs, Proxy access logs, Cloud API audit logs, and analytics meta-data).
Cloud API file metadata is stored in customer isolated DB and read-replicas.
Payload data (e.g. email contents, attachments, files, API data fields, etc.) is only temporarily stored on encrypted volumes during processing and deleted instantly.
Local Admin and User data (e.g. Active Directory members and groups synced to Bitglass) is stored in a shared primary DB and read-replicas.
Key vaults (Master Keys on AWS Key Management Service) are stored in an encrypted DB and read-replicas.
Encrypted Application data and metadata are stored encrypted in a shared primary DB and read-replicas.
App/service has sub-processors
Certifications & compliance
Data deletion request procedure
Data will be deleted whenever a customer requests deletion of data.
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack App Directory, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Supports Single Sign On (SSO) with the following providers
We mainly support Security Assertion Markup Language (SAML) or OpenID Connect (OIDC) for SSO. Additionally, we can also support JSON Web Tokens (JWT).
Supports Security Assertion Markup Language (SAML)