Mattermost | Security

Protecting your data is our
#1 priority

From safeguarding intellectual property to ensuring national security, we help you maintain security, privacy and compliance.

We keep companies around the world secure and compliant

Built for environments with the strictest security, privacy, and compliance requirements.

Mattermost is the world’s most secure platform for developer collaboration. Deployable in on-prem (or air-gapped) environments, leading organizations in the highly-regulated industries such as Government, Healthcare, and Financial Services trust us to help their teams move fast without the lowest risk.

Our Security Architecture & Practices

  • Encryption in transit
  • Encryption at rest
  • Network and security hardening
  • System monitoring
  • Annual penetration testing
  • Manual and automated source code reviews
  • Regular security updates delivered to the community prior to public disclosure

Maintain complete control of your data at all times

Data Protection & Information Governance

  • Global retention policies
  • Compliance exports
  • Role-based access control with custom permissions
  • Custom terms of service (TOS)
  • Block message contents from appearing in mobile application notifications

Identity & Access Controls

  • Multi-factor authentication (MFA)
  • Session duration configuration
  • User and group provisioning via Active Directory and LDAP
  • SAML-based single sign-on (SSO)
  • Certificate-based authentication (CBA)
  • Enterprise mobile management (EMM)
  • Block message copy and file download
  • Minimum app version

Why security-conscious developers love us

Self-hosted deployment and database ownership

Retain full control over your company’s sensitive data with no third-party monitoring.

Built-in access controls

Define granular controls for enterprise data archiving to keep data properly secured and accessed.

Advanced mobile security

Our mobile apps work with EMM solutions. Full source code is available for custom solutions.

Compliance auditing with oversight

Pull compliance reports on user conversations and behaviors. Audit logging enables oversight and protection of ethical boundaries.

Secure cloud and data isolation

Get a dedicated Kubernetes cluster, fully isolated from other customers, fully managed by Mattermost with the highest security.

Enterprise Information Archiving integration

Connect to EIA systems along with custom solutions to meet regulatory needs.

Data encryption at rest and in transit

Keep your data safe with encryption under your control, at rest and in transit.

Full access to APIs, drivers, and open source code

See for yourself why we are the industry’s most secure solution.

Secure integrations, built, and vetted by thousands of developers worldwide

Over 750 open source integrations developed by our community are available for download, customization, and deployment today.

See More Integrations

Deployed in Zero Trust environments around the world.

The only self-managed solution for security-conscious developers

  • Get a secure, on-premises installation in your data center with layered security options (SSL, VPN and DMZ).
  • Own your database (MySQL or PostgreSQL) and manage all internal controls.
  • Keep integration connections completely private for tools like Jenkins, Git, and Zoom.
  • Host on the secure cloud of your choice such as Azure or AWS — no need to send Active Directory data over a public network.

Secure cloud options keep your digital operations agile & secure

  • Receive a dedicated Kubernetes cluster that is fully isolated from other customers.
  • Get all the resources required to run the Mattermost application with the highest security standards, including data encryption at rest and in transit.
  • Your pre-configured cluster is secure by default, based on industry best practices including encryption, TLS certificates lifecycle management, and automatic security updates.

Security is a top priority for LAIKA, and Mattermost’s self-hosted solution helps us keep our sensitive data and intellectual property secure.

David Rowe
Manager of IT Systems Support

We take security and privacy very seriously, so hosting off-site was not an option.

Dan West
IT Systems Administrator

Many of our larger members could never discuss security issues with each other in real life because their lawyers would go crazy. But because Mattermost provides a secure platform, they can collaborate with other organizations within H-ISAC to solve problems.

Josh Singletary
CIO

Need more info?

We use cookies for advertising, social media and analytics purposes. Read about how we use cookies here. By continuing to use this site, you consent to our use of cookies.