Mattermost | Security
Protecting your data is our
#1 priority
From safeguarding intellectual property to ensuring national security, we help you maintain security, privacy and compliance.
We keep companies around the world secure and compliant
Built for environments with the strictest security, privacy, and compliance requirements.
Mattermost is the world’s most secure platform for developer collaboration. Deployable in on-prem (or air-gapped) environments, leading organizations in the highly-regulated industries such as Government, Healthcare, and Financial Services trust us to help their teams move fast without the lowest risk.
Our Security Architecture & Practices
- Encryption in transit
- Encryption at rest
- Network and security hardening
- System monitoring
- Annual penetration testing
- Manual and automated source code reviews
- Regular security updates delivered to the community prior to public disclosure
- Continual Commitment to the principles of GDPR and CCPA
- CVE Numbering Authority (CNA)
- Bug bounty program and Responsible Disclosure Policy
Maintain complete control of your data at all times
Data Protection & Information Governance
- Global retention policies
- Compliance exports
- Role-based access control with custom permissions
- Custom terms of service (TOS)
- Block message contents from appearing in mobile application notifications
Identity & Access Controls
- Multi-factor authentication (MFA)
- Session duration configuration
- User and group provisioning via Active Directory and LDAP
- SAML-based single sign-on (SSO)
- Certificate-based authentication (CBA)
- Enterprise mobile management (EMM)
- Block message copy and file download
- Minimum app version
Why security-conscious developers love us
Self-hosted deployment and database ownership
Retain full control over your company’s sensitive data with no third-party monitoring.
Built-in access controls
Define granular controls for enterprise data archiving to keep data properly secured and accessed.
Advanced mobile security
Our mobile apps work with EMM solutions. Full source code is available for custom solutions.
Compliance auditing with oversight
Pull compliance reports on user conversations and behaviors. Audit logging enables oversight and protection of ethical boundaries.
Secure cloud and data isolation
Get a dedicated Kubernetes cluster, fully isolated from other customers, fully managed by Mattermost with the highest security.
Enterprise Information Archiving integration
Connect to EIA systems along with custom solutions to meet regulatory needs.
Data encryption at rest and in transit
Keep your data safe with encryption under your control, at rest and in transit.
Full access to APIs, drivers, and open source code
See for yourself why we are the industry’s most secure solution.
Deployed in Zero Trust environments around the world.
Security is a top priority for LAIKA, and Mattermost’s self-hosted solution helps us keep our sensitive data and intellectual property secure.
We take security and privacy very seriously, so hosting off-site was not an option.
Many of our larger members could never discuss security issues with each other in real life because their lawyers would go crazy. But because Mattermost provides a secure platform, they can collaborate with other organizations within H-ISAC to solve problems.
