We help keep companies around the world secure and compliant
Built for environments with the strictest security, privacy, and compliance requirements.
Mattermost is the world’s most secure platform for developer collaboration. Deployable in on-prem (or air-gapped) environments, leading organizations in the highly-regulated industries such as Government, Healthcare, and Financial Services trust us to help their teams move fast without the lowest risk.
Our Security Architecture & Practices
- Supports encryption-in-transit
- Supports encryption-at-rest
- Network and security hardening
- System monitoring
- Annual penetration testing
- Manual and automated source code reviews
- Regular security updates delivered to the community prior to public disclosure
- Continual Commitment to the principles of GDPR and CCPA
- CVE Numbering Authority (CNA)
- Bug bounty program and Responsible Disclosure Policy
Maintain complete control of your data at all times
Data Protection & Information Governance
- Global retention policies
- Compliance exports
- Role-based access control with custom permissions
- Custom terms of service (TOS)
- Block message contents from appearing in mobile application notifications
Identity & Access Controls
- Multi-factor authentication (MFA)
- Session duration configuration
- User and group provisioning via Active Directory and LDAP
- SAML-based single sign-on (SSO)
- Certificate-based authentication (CBA)
- Enterprise mobile management (EMM)
- Block message copy and file download
- Minimum app version
Why security-conscious developers love us
Self-hosted deployment and database ownership
Retain full control over your company’s sensitive data with no third-party monitoring.
Built-in access controls
Define granular controls for enterprise data archiving to keep data properly secured and accessed.
Advanced mobile security
Our mobile apps work with EMM solutions. Full source code is available for custom solutions.
Compliance auditing with oversight
Pull compliance reports on user conversations and behaviors. Audit logging enables oversight and protection of ethical boundaries.
Secure cloud and data isolation
Get a dedicated Kubernetes cluster, fully isolated from other customers, fully managed by Mattermost with the highest security.
Enterprise Information Archiving integration
Connect to EIA systems along with custom solutions to meet regulatory needs.
Data encryption at rest and in transit
Keep your data safe with encryption under your control, at rest and in transit.
Full access to APIs, drivers, and open source code
See for yourself why we are the industry’s most secure solution.
Deployed in Zero Trust environments around the world.
The only self-hosted solution for security-conscious developers
- Get a secure, on-premises installation in your data center with layered security options (SSL, VPN and DMZ).
- Own your database (MySQL or PostgreSQL) and manage all internal controls.
- Keep integration connections completely private for tools like Jenkins, Git, and Zoom.
- Host on the secure cloud of your choice such as Azure or AWS — no need to send Active Directory data over a public network.
Secure cloud options keep your digital operations agile & secure
- Receive a dedicated Kubernetes cluster that is fully isolated from other customers.
- Get all the resources required to run the Mattermost application with the highest security standards, including data encryption at rest and in transit.
- Your pre-configured cluster is secure by default, based on industry best practices including encryption, TLS certificates lifecycle management, and automatic security updates.
Security is a top priority for LAIKA, and Mattermost’s self-hosted solution helps us keep our sensitive data and intellectual property secure.
We take security and privacy very seriously, so hosting off-site was not an option.
Many of our larger members could never discuss security issues with each other in real life because their lawyers would go crazy. But because Mattermost provides a secure platform, they can collaborate with other organizations within H-ISAC to solve problems.