This FAQ combines information about Google Drive and SharePoint integrations to address common concerns about data privacy, security, and functionality.
Where is the data stored, and how is it protected?
Imported data is stored securely through AWS using industry-standard security measures, including AES-256 encryption for data at rest and TLS 1.2 or higher for data in transit.
Who has access to the data, and under what conditions?
Access is limited to authorized personnel for purposes such as support, maintenance, and product enhancements. Access conditions include strict adherence to confidentiality agreements and internal company policies.
How long is the data retained within Spekit’s ecosystem?
Data is retained as long as necessary to provide the Spekit services. Specific retention details are discussed in Spekit’s contractual agreements with customers.
Is my data shared with any third parties? If so, who and for what purposes?
Data may be shared with third-party sub-processors in order to provide the Spekit Services. A list of Spekit’s sub-processors can be found here along with the purpose of the data sharing.
What happens to my data if I decide to terminate my Spekit account?
Upon termination, data is deleted according to the user’s request or in accordance with Spekit’s data retention policies. Customers may request data export before termination.
What authentication methods are used to ensure only authorized users can access linked content?
Spekit employs secure role-based authentication methods, including strong password and multi-factor authentication, to ensure that only authorized users access the content.
-
For connections to Google Drive, Spekit uses Google’s OAuth mechanism, ensuring that your credentials are secure and inaccessible to Spekit.
- For connections to SharePoint, Spekit uses Microsoft’s OAuth mechanism, ensuring that your credentials are secure and inaccessible to Spekit.
Are there role-based access controls (RBAC) in place?
RBAC is implemented to manage user permissions and access levels based on roles within the organization.
Is the data encrypted during transfer and at rest?
Data is encrypted during transfer and at rest using industry-standard encryption protocols.
Is there monitoring of user activity to detect and prevent unauthorized access or anomalies?
Spekit monitors user activity to detect and prevent unauthorized access, ensuring data security and integrity.
What specific permissions does Spekit request?
- Google Drive: Spekit requests permissions to access files and organize them for syncing purposes.
- SharePoint: Spekit requests permissions to read site structures and file access levels for integration.
How is data transferred between Spekit and integrations?
Data is securely transferred using a third-party integration interface with encrypted protocols, ensuring safe and seamless syncing.
Are there any limits on the types of data that can be transferred?
Controls are in place to ensure compliance with usage policies by managing the types of data that can be transferred. Only data that a user chooses to synchronize to Spekit, is shared.
Can users easily revoke Spekit’s access to their connected accounts?
Google Drive
Users can easily revoke Spekit’s access to their Google Drive account in one of two ways:
- Via Google Account Settings: Navigate to your Google account, locate the list of connected apps, and revoke Spekit’s permissions.
- Within Spekit: Disconnect the integration directly from the Spekit platform.
Revoking access stops further data interactions, but previously accessed data might be retained as per retention policies.
SharePoint
For SharePoint, users can revoke Spekit’s access through:
- Microsoft Account Settings: Access your Microsoft account, find connected apps, and remove Spekit’s permissions.
- Within Spekit: Disconnect the SharePoint integration through the Spekit settings.
Revoking access stops further data interactions, but previously accessed data might be retained as per retention policies.