Communicate securely, even at scale

Security architecture and practices

• Encryption in transit

• Encryption at rest

• Network and security hardening

• System monitoring

• Annual penetration testing

• Bug bounty program and Responsible Disclosure Policy

• Manual and automated source code reviews

• PCI-compliant payment processing with Stripe

• Continual Commitment to the principles of GDPR and CCPA

Mattermost Self-Managed Deployments

• Secure, on-premises installation in your data center with layered security options (e.g, SSL, VPN and DMZ)

• Internally controlled data storage on a database that you own (MySQL or PostgreSQL)

• Operation behind your firewall or in your private cloud such as Azure or AWS; no need to send Active Directory data over a public network

• Keep integration connections private for tools like Jenkins, Git, and Zoom (750+ integrations)

Mattermost Cloud Enterprise

• Dedicated Kubernetes cluster, fully isolated from other customers

• The Kubernetes cluster provides all the resources required to run the Mattermost application and is fully managed by Mattermost to the highest security standards, including data encryption at rest and in transit

• Pre-configured clusters are “secure by default,” based on industry best practices including encryption, TLS certificates lifecycle management, and automatic security updates

Identity & Device Management Controls

• Multi-factor authentication (MFA)

• Session duration configuration

• User and group provisioning via Active Directory and LDAP

• SAML-based single sign-on (SSO)

• Certificate-based authentication (CBA)

• Enterprise mobile management (EMM)

• Block message copy and file download

• Minimum app version

Data Protection & Information Governance:

• Global retention policies

• Compliance exports

• Role-based access control with custom permissions

• Custom terms of service (TOS)
  

• Block message contents from appearing in mobile application notifications