Common security questions your IT Admin or Security Officer might want to ask
Question: Is our data safe?
Answer: Yes, absolutely. We designed all our Apps in a way that will ensure that we never send any of your data to any of our servers. So even though the add-in will want to read from SharePoint Online, Teams or OneDrive for Business, that data is only transmitted between your Office 365 tenant and the App running in your Office application / Office 365 tenancy. The data never gets transferred to any of our servers. Learn more about this here:
Template Chooser: http://docs.officeatwork365.com/manuals/template-chooser/data-flow.html
Question: Does officeatwork store any personal customer user data?
Answer: No. officeatwork stores absolutely no customer user data at all. The only time where officeatwork stores user data is during the evaluation phase of the Apps. This is needed to help potential customers explore and on-board the Apps officeatwork offers. Learn more about this here:
Privacy Statement: https://www.officeatwork365.com/privacystatement
Question: Can the App read all our SharePoint data?
Answer: No. The permissions granted to the App always honor the existing security settings you already established. Users therefore only see templates they would see if they were to browse SharePoint online directly. The SharePoint permission enabling the App to access SharePoint is of type «Delegate Permission», meaning it will only work in the context of a user. This means that the App by itself has no access at all. To be able to access SharePoint it will always require a user to be signed in to the App. This same concept also applies to your resources like Teams or OneDrive. Learn more about this here:
Question: Can I easily pre-consent the permissions the App requires?
Answer: Yes. To prevent each user having to provide a consent for the different resources, we offer a dedicated pre-consent flow that will allow you as an administrator to pre-consent the access to those resources on behalf of your users. Learn more about this here:
Hope this information was helpful to you.