MangoApps named a Leader in the IDC MarketScape for Digital Workspaces. Read the Report »

Is the front door to your IP locked?

MangoApps is the only HITRUST and SOC 2 Type 2 certified digital hub for 100% of your workforce.

Intranet & communications are the front door to your company’s data. Ask yourself if employee-facing systems, such as your Intranet, have the same ironclad security as your customer-facing systems.

A secure partner you can trust
Enterprise-grade security

Ironclad security

MangoApps implements multiple layers of security to protect your data including:
  • Built-in data loss prevention policies
  • Real-time access to audit and access logs
  • Default encryption of all data at rest and transit
  • 100% hosted on AWS with AWS-recommended security practices

Meet compliance and regulatory requirements

MangoApps is designed to meet specific industry regulations and international security and data privacy standards:
  • HITRUST certified (includes HIPAA compliance)
  • BAA signing for healthcare companies
  • Advanced content moderation capabilities
BAA signing for healthcare companies
Information Governance

Content Governance

MangoApps offers governance and risk management capabilities that are flexible enough to meet your organization’s needs, no matter what they are:
  • Built-in eDiscovery features
  • Global data retention policies
  • Custom data export and backup

Get peace of mind with 99.9% uptime

You need to ensure that your systems stay up around the cloud, and that's why we guarantee 99.9% uptime for our customers:
  • Redundancy and failover across multiple AWS regions
  • Priority enterprise support and dedicated CSM
Get peace of mind with 99.9% uptime SLA
Some of our members operate in highly restricted civic spaces, and it is crucial for us to create a safe space for them. Security is definitely our main priority, and MangoApps functions such as two-step authentication and custom admin roles are crucial. With MangoApps, we have certainty that our data is on a specific server, is not being transferred to other companies, and cannot be sold.
- Carolina Vega Rivas, Membership Engagement Specialist, CIVICUS

Improve Security & Employee Experience with Single Sign-On

Setup SSO to any application
Connect MangoApps with SAML, OAuth2, AD, LDAP, Office 365 & G Suite SSO providers
Allow users to securely access company apps right from their dashboard with the SSO widget
Consolidate the user experience and replace the costly SSO providers

Security & Compliance

It’s critical to us that your information is safe and secure. From development to hosting to monitoring,
we’ve created multiple layers of security to keep your data secure and private.
Application-level Security Features
MangoApps provides a wide-range of application level security to ensure your account is as secure as you want it to be.
  • Set minimum length and complexity of passwords
  • Auto session expiration
  • Automatic virus scan of documents
  • One way hash of passwords and PINS
  • Security alerts for unauthorized access
  • Custom admin roles
  • Disallow saving of username / passwords
  • Two factor authentication support
  • Set custom IP ranges to limit access
  • Disable and wipe out data from mobile and desktop devices
  • Require a PIN or FaceID to access MangoApps on mobile devices
  • Single sign-on support for nearly all options and vendors in use today (SAML, OAuth, Active Directory, DUO or even custom SSO)
  • Data loss prevention (DLP) policies
  • Built-in eDiscovery features
Platform Level Security
MangoApps is optimized to run on AWS and has been running in the AWS cloud for over 10 years
  • Data in transit is 256 bit SSL encrypted
  • All stored data is AES encrypted
  • Fully automated configuration management
  • Data retention, system backup and disaster recovery process and policy
  • Detailed user and system access logs
  • Information access policy
  • Regularly scheduled encrypted backups for user data
  • Real time alerts for critical events (e.g., unauthorized modification of critical system files)
  • Periodic vulnerability scans (e.g. Qualys Guard)
  • Annual third party penetration tests
Cloud And Process Security
Our data protection is multi-level starting with our choice in data centers, data transport and encryption requirements, and hiring procedures. Our software architecture undergoes periodic vulnerability tests to protect against malicious attacks.
  • MangoApps is HITRUST certified, which includes HIPAA compliance and NIST frameworks.
  • MangoApps is hosted on AWS, and inherits AWS certification and compliance with programs such as SOC2, ISO27001, FedRAMP, and others.* Learn more about AWS compliance inheritance here.
  • Monthly OS patches
  • Regular security and systems audits
  • Automated, zero downtime, configuration and application upgrades
  • Long term Audit and system log backup
  • US-EU Safe-Harbor compliant
  • Optional single tenant (dedicated) deployment for even more control
* Please note that these are AWS system compliances that MangoApps inherits. Although our AWS systems are configured to follow the best practices prescribed within these compliances, we have not gone through these certifications ourselves. Please contact us for details on MangoApps certifications and assessments initiatives.

Additional Features

Audit Logs
Keep track and log all admin-made changes. Actions like export, activations, deactivations, deletions, and more can be tracked in the audit log.
Custom Admin Roles
Custom admin roles make it easy to split duties and keep everything organized. Create custom admin roles to give specific users access to the admin portal for the administration of modules and features.
Remote Device Management
Securely offboard employees by automatically deactivating mobile/desktop devices when an employee departs your organization. Devices can be wiped out, disabled, and retired in bulk actions.
Recover Deleted Content
Network and user-level trash cans allow for the recovery of deleted content without IT intervention. After a predetermined period of time, any content that resides in a trash can is permanently deleted.
eDiscovery & Legal Hold
Audit-ready logs of content, conversations, and actions can be generated vin the event of a legal hold.

Security FAQs

HITRUST (the Health Information Trust Alliance) was founded in 2007 and was created to help organizations in all industries, but especially healthcare, make compliance with requirements such as HIPAA into a concrete, demonstrable certification.
They have created a system where a company can undergo a rigorous process to demonstrate their compliance with a number of common security frameworks, and then some, with a single certification. This eliminates the need to go through many simultaneous processes with different third parties, and puts a verifiable system in place through which vendors like MangoApps can say definitively that they manage data, information risk, and compliance at the level required by security-minded clients.
Per HITRUST’s website, HITRUST CSF is a certifiable framework that provides organizations globally a comprehensive, flexible, and efficient approach to regulatory/standards compliance and risk management.
“Developed in collaboration with data protection professionals, the HITRUST CSF rationalizes relevant regulations and standards into a single overarching security and privacy framework. Because the HITRUST CSF is both risk- and compliance-based, organizations of varying risk profiles can customize the security and privacy control baselines through various factors, including organization type, size, systems, and compliance requirements.” Read more.
In short, it is a certifiable standard for data security that is risk-based rather than compliance-based.
HIPAA is a law that requires organizations to meet a series of requirements related to security. HITRUST is a framework incorporating aspects of HIPAA and other compliance standards, which gives organizations a way to show evidence of their compliance with these standards.
With HITRUST certification, organizations show that they have met a measurable set of criteria and objectives around security and risk.
Learn more about HITRUST from their site.

A Detailed Look Into Security & Compliance at MangoApps

We know that intranet & communications are the front doors to your company’s data, and we have a special responsibility to keep it safe and secure. Download this whitepaper for an in-depth look at MangoApps' security and compliance practices.
A Detailed Look Into Security & Compliance at MangoApps
Download Now
Thank you!

Over the next few days, one of us will get in touch with you to answer any question you may have.

We hope you enjoy reading A Detailed Look Into Security & Compliance at MangoApps.