StrongDM
StrongDM's Access Workflows solution provides a comprehensive, auditable, and streamlined approach to managing user access rights and permissions to reach Zero Standing Privileges and eliminate standing access.Implement Just-in-time access to access to all resources in your infrastructure using Access Workflows through Slack.Use StrongDM for Slack to:
• View a personalized Access Catalog to all resources available to you
• Create time-bound access requests so access is only available when needed
• View pending approval requests
• Review users requests to resources and approve or deny access
• Cancel access requestsFor pricing, see: https://www.strongdm.com/pricing
• View a personalized Access Catalog to all resources available to you
• Create time-bound access requests so access is only available when needed
• View pending approval requests
• Review users requests to resources and approve or deny access
• Cancel access requestsFor pricing, see: https://www.strongdm.com/pricing
Permissions
StrongDM will be able to view:
StrongDM will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
StrongDM
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
StrongDM maintains Customer Data in accordance with our Data Protection Policies. Session logs are maintained for a period of 13 months, while Audit Logs and Activities Logs are maintained for the duration of the Customer's relationship with StrongDM.
Data archiving and removal policy
StrongDM maintains Customer Data in accordance with our Data Protection Policies. StrongDM will delete Customer Data at the end of the Customer's relationship with StrongDM on written request to StrongDM's Data Protection Officer (dpo@strongdm.com). If no written request is received, Customer Data will be deleted in accordance with our standard Data Retention Policies.
Data storage policy
StrongDM maintains Customer Data in accordance with our Data Protection Policies. All Customer Data is encrypted prior to being written to storage, and all storage solutions are backed up and tested for the ability to restore said backups to a working state.
Data center location(s)
United States
Data hosting details
All Customer Data is hosted in segregated Production environments in our Cloud Service Providers.
Data hosting company
AWS, GCP
App/service has sub-processors
yes
Guidelines for sub-processors
App/service uses large language models (LLM)
no
Certifications & compliance
SOC attestation
GDPR commitment
Data deletion request procedure
All requests related to Personal Data are handled by StrongDM's Data Protection Officer. Individuals who wish to exercise their privacy rights under their governing Data Privacy Laws may visit https://www.strongdm.com/privacy/requests. Requests are evaluated for their authenticity, scope, and validity.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Date of latest pen test
2023-11-27
Executive summary is available to potential customers upon request
yes
Supports Single Sign On (SSO) with the following providers
ADFS, Auth0, Azure AD, Google, Keycloak, Okta, OneLogin, Ping Identity, VMware, Generic SAML
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
yes
Contact for security issues
security@strongdm.com
Has a vulnerability disclosure program
yes
Vulnerability disclosure program URL
Vulnerability disclosure program covers Slack app
yes
Has a bug bounty program
no
Requires third party authorization/connections
no
Third party services used by this app
See StrongDM's response on Data Subprocessors under the Privacy & Data Governance section.
Uses token rotation
yes