Security & Compliance FAQs

What is the MangoApps system & information security policy?

MangoApps customer data and information security is our highest priority. Our own success rides on the confidentiality, integrity, and availability of customers’ information. For that very reason, MangoApps is designed with an industry- leading policy for system and information security that addresses the needs of enterprise.Learn more on our security and compliance policies here.

What are the logs available to the domain admin?

Domain Admins have access to the different logs in the MangoApps Admin Portal UI from under the “Home” tab on the left hand side.Learn more on the different types of logs here.

How is your data in MangoApps protected from virus threats?

In existing times, viruses are omnipresent threats and impacts machines and applications daily. At MangoApps, we ensure that such threats are handled and quarantined.
  1. 1.
    MangoApps doesn’t allow users to store/upload Executable(.exe) files to the File repository. This is the first level of protection against viruses, malware etc.
  2. 2.
    You can also enable virus scan from admin portal if you want all files uploaded into MangoApps to be scanned for virus. This is the second level of protection against viruses.
When you enable virus scan, all files uploaded via any of the MangoApps clients are checked for trojans, viruses, malware & other malicious threats. You can enable ‘Virus Scan’ inside your MangoApps domain from the admin portal.Learn how you can enable virus scan here.

Data retention in MangoApps

As an admin, you can setup for how long the data will be retained in your domain. The default option is that data will be retained forever – It is only deleted when the admin or the user who posted the data deletes or archives it. You can, however, choose to specify a different auto-archival and auto-delete rules in the retention settings as per your regulation and compliance requirements.
When the data is deleted it will not be available using APIs or data export. The deleted data will reside in the trash can until the trash can preservation limit, after which it will be permanently deleted and can’t be restored. Learn more on how to manage data retention here.

How can network admin configure password strength and policy in MangoApps?

MangoApps allows ‘Network Admin’ to impose conditions on Password Strength & Policy from the Admin Portal for enhanced security. Learn how you can configure password policies here.

MangoApps Wcag 2.0 compliancy

Web Content Accessibility Guidelines (WCAG) 2.0 covers a wide range of recommendations for making Web content more accessible. Following these guidelines will make content accessible to a wider range of people with disabilities, including blindness and low vision, deafness and hearing loss, learning disabilities, cognitive limitations, limited movement, speech disabilities, photosensitivity and combinations of these.
Currently MangoApps isn’t certified with WCAG 2.0, however below are the WCAG 2.0 guidelines that MangoApps adheres to:
  1. 1.
    MangoApps has tool tips to explain the purpose of visual control which requires user input.
  2. 2.
    MangoApps interfaces do not contain any decorative non-text content which will interfere with assistive technology.
  3. 3.
    MangoApps does not use only colors to represent information. A text is also associated with user controls.
  4. 4.
    The interface does not contain any flashes.
  5. 5.
    The web interface is navigable. It Provides ways to help users navigate, find content, and determine where they are by multiple breadcrumbs provided on each module.
  6. 6.
    Input Assistance is provided. errors are automatically detected and notified via error messages.
  7. 7.
    Context-sensitive help is also available wherever required.
  8. 8.
    No time limits to read content.
  9. 9.
    The appropriate user of color for links, on hover separating content on which an action can be taken vs reading content.
  10. 10.
    Spell checkers (with incorrectly spelled words underlined) when composing long-form content like posts, wikis etc.
  11. 11.
    MangoApps supports content being responsive to a higher font size set in a browser without losing any information.

How to flag inappropriate content feeds in MangoApps?

There are instances when company employees posts inappropriate content in their social intranet which is against company policy. Organizations don’t want such feeds to be viewed by other employees. To address this, MangoApps provides a feature in which any feed content can be flagged by network or guest user if he/she finds the content inappropriate or against company policy.Learn more on how you can flag a feed here.

How do I configure usage policy?

The usage policy (also known as Privacy Policy) dictates what is deemed to be appropriate internet browsing behavior in the workplace. This policy typically enforces time restrictions for employees when browsing the internet for non-work related tasks as well as stipulating what genres of sites they are allowed to browse.Learn how you can configure usage policy here.

How do I configure terms of service?

Terms of service (also known as Terms of Use or Terms and conditions) are rules the network administrators can configure for every user on the domain to agree to and abide by in order to use the domain.Learn how you can configure terms of service here.

Configuring Hybrid Authentication

With Hybrid Authentication , you can have some users login with the SSO provider you integrate in your MangoApps domain with and some using email ID & password generated via MangoApps or both.Please go through our SSO connections guide here.

Two-factor authentication in MangoApps

Two-factor authentication (TFA) provides a more secure login process as when users try to sign in, they’ll have to provide two pieces of information:
  1. 1.
    The account password.
  2. 2.
    A single-use authorization code generated by a mobile app (e.g. Google Authenticator) OR an email message.

Is MangoApps reliable, secure, and confidential? Is our data safe? Where is our data hosted?

Keeping your data and information safe is our #1 priority. Our state-of-the-art redundant server cluster is hosted and professionally managed at Amazon, a recognized leader in high-end hosting. If you are interested in our security and information privacy requirements, please read this article.

How can admins expire all users’ active sessions?

As an added security measure, you can force all users on your domain to sign out in the Force Sign out section of your admin portal. Click on “Expire All Sessions Except Mine” to log all users out of MangoApps. This will ensure all users logged in from any client will be logged out, leaving you the only one logged in.Learn more on how to expire all sessions here.

Where can I find the MangoApps terms of use agreement?

The MangoApps Terms of Use agreement is here (follow link).

How does saml sso work in MangoApps?

Security Assertion Markup Language (SAML) is an XML standard that allows secure web domains to exchange user authentication and authorization data. Using SAML, MangoApps can contact a separate online identity provider to authenticate users who are trying to access secure content.Learn how to configure SAML authentication for MangoApps here.

Why use the terms of use or usage policy widget?

Terms of service (also known as terms of use or terms and conditions) are rules the network administrators can configure for every user on the domain to agree to and abide by in order to use the domain. Terms of service can also be merely a disclaimer, especially regarding the use of the domain. The terms of service will cover all users who have access to the domain and will appear when users login for the first time on the web client. After the setting has been enabled, network users & guest user will also be prompted to accept new terms of service or changes made to an older version.
The Usage Policy can be read separately from the Question Mark Help Menu (in the user portal in the top right corner under help) and does not need to be accepted before continuing. The usage policy dictates what is deemed to be appropriate internet browsing behavior in the workplace. This policy typically enforces time restrictions for employees when browsing the internet for non-work related tasks as well as stipulating what genres of sites they are allowed to browse. Having a usage policy, which can also be referred to as an acceptable use policy (AUP), ensures that employees are following directives that serve to safeguard their work environment and the IT network infrastructure.

How do I change the permissions on a MangoApps document?

To change between “editor”, “viewer” and “owner” permissions for a file, you can change the share permissions. Learn how to change share permissions here.

How can I share one document with multiple teams without maintaining multiple copies?

There are several scenarios around documents that potentially can result in maintaining multiple copies of the same document.Sharing existing files on your MangoApps domain may help reduce this. Learn more on sharing files here.

How is team privacy handled in MangoApps?

MangoApps has different privacy settings for Project, each with their own attributes and uses, and can be set during Project creation. Learn more on the privacy settings here.

What are various mobile security features and administration in MangoApps?

Your MangoApps domain will remain secure as users connect via their mobile devices. Mobile device management can be customized by the MangoApps Domain Administrator. To configure the settings for mobile security navigate to “Security” from the admin portal. It also shows a list of devices including computers, mobile devices as user devices connecting to your domain.

Where is the MangoApps privacy policy?

The most current MangoApps Privacy Policy is always here (follow link).

How do I set team (group, project and department) permissions?

For team permissions, you can set them when creating the team or when editing the team details later again. Learn how to set the permissions for a project here. The same steps apply for a group or department.

How do I restrict access to MangoApps based on IP address?

To help protect your organization’s data from unauthorized access, you can specify a list of IP addresses from which users can log in. Users outside of the specified login IP ranges cannot access the web portal.Learn how you can set IP address restrictions here.

What type of privacy settings can be applied to events?

The privacy settings that can be applied to events are:
  1. 1.
    Full Company - Anyone within the MangoApps domain can join the public event without an invitation.
  2. 2.
    Private - Attendees to private events receive invitation from the event creator and the event name is shown on the public event calendar. Domain members may request to join private events and admins of the event will be notified of the request to make their decision.
  3. 3.
    Secret - Attendees to secret events receive invitations from the event creator and the event is not shown on the public event calendar.
  4. 4.
    Team - Invitation to the event will be sent to users who are member of the team.

What is SSL and will it keep my communications absolutely secure?

“SSL” or “Secure Socket Layer” is a security protocol that provides internet communication privacy. The SSL protocol allows MangoApps to securely transmit data in order to prevent eavesdropping, tampering, or communications forgery. It is the same technology used by financial institutions and online shopping companies such as Amazon.com to keep your information safe and secure during transactions.
With regards to MangoApps, SSL keeps your client communications absolutely secure (Password protection in MangoApps keeps your information private, but SSL keeps it private and secure).SSL encryption is on all MangoApps connections on all accounts.