![]() ![]() The access in this case is strictly prohibited from both procedural and technical aspects, and strong authorization controls including but not limited VPN, 2FA and personal certificate are in place, moreover it is monitored in details using HIDS (Host-based Intrusion Detection System) and reviewed by Wrike Operational Security team. Access by Wrike Operational team: Wrike Operational team is responsible to maintenance and support production environment including monitoring, patching and updating, delivery the new builds to production, etc.This systemic approach ensures additional confidentiality for your data stored in Wrike. This is enabled by a system generated security token that you provide out of band to our Support team, allowing Support to delve deeper into solving your problem for a limited amount of time. Access by Wrike Support team: in case of troubleshooting or verifying the issue requires Support to access to your account that access can only be granted by you only.Īccess to customer data can be considered in two cases: Finally, Wrike provides functionality allowing the granular tracking of access roles to help customers fully audit existing data sharing see details at. As additional layer of data security, Wrike offers Audit and Reporting functionality that allows administrators to conduct full security reviews while being able to increase visibility into what is happening in their Wrike account, more details can be found at. Furthermore, all servers are encrypted at rest using file system encryption, and moreover Wrike offers Wrike Lock add-in for encryption key managed by a customer, see and. Additionally, encryption at rest is applied for user files uploaded to Wrike servers in file storage via both web application and API the files are automatically encrypted using AES 256-bit encryption. Wrike's application has extensive authentication, role-based access control, authorization, and data sharing and control mechanisms (see and ) that allow data access for authorized users only. Security at the application level blocks tenants from accessing or modifying application data owned by another tenant. Data is logically isolated and segregated, and access to data is only available through the application to ensure security and privacy. This metadata is associated with the specific tenant and its access rights according to the role-based access rules within the specific Wrike account. Wrike has a multi-tenant architecture that logically segregates customers’ data through access control based on customer metadata. deletion, retention, auditing, archiving, end-user policy, etc. No Organizational controls for data stored by partnerĭescribe how organization's administrators can control their information in partner systems? e.g. We use JS Office API, however we do not collect/process/store any organizational information.ĭoes any organizational identifiable information (OII) or end-user identifiable information (EUII) appear in this application's telemetry or logs? If yes, describe what data is stored and what are the retention and removal policies? There is a DPA in place for all the vendors. Salesforce CRM system - has contact information and billing (no sensitive data) information of customers. Outreach is Cloud-based sales engagement - only names and emails are provided to them. Wrike has the integrations with the following vendors which have access to some data: Marketo is email lead capturing services - only names and emails are provided to them. All non-Microsoft services OII is transferred to ![]() If the app transfers or shares organizational data with non-Microsoft service, list the non-Microsoft service the app uses, what data is transferred, and include a justification for why the app needs to transfer this information. No organizational data is stored in Wrike's databases. The add-in uses the Office.js API to integrate with the Office application. List any Microsoft APIs other than Microsoft Graph this app uses. ![]() Data access using other Microsoft APIsĪpps and add-ins built on Microsoft 365 may use additional Microsoft APIs other than Microsoft Graph to collect or process organizational identifiable information (OII). This application does not use Microsoft Graph. List any Microsoft Graph permissions this app requires. about how this app collects and stores organizational data and the control that your organization will have over the data the app collects. This information has been provided by Wrike Inc.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |