Introduction
Security overview
4
min
min
min
min
min

Module 4: Security

Learn how Mio ensures data security with encryption, network safeguards, and secure authentication while integrating with Google Chat and Microsoft Teams.

Security overview

Hi everyone, welcome to Mio Academy. I'm Jacob, and in this module, we'll cover security aspects of the Mio integration. This lesson is designed to help you understand how we protect your data and ensure secure communication across platforms. 

Let's dive into some frequently asked questions.

Does Mio store my files and messages?

Mio does not persistently store user messages or files. Instead, we retain metadata for future reconciliation across platforms. This metadata includes message identifiers, timestamps, and platform-assigned user or channel IDs. The actual messages and files are not permanently retained.

Where does Mio store its data?

Mio is currently hosted exclusively in AWS data centers in the United States of America (us-east-1). We utilize multi-zone redundancy to maximize availability and uptime. All customer data is currently retained in the United States.

Is Mio single or multi-tenant?

Mio is architected as a multi-tenant system, which means that the underlying infrastructure is shared amongst all of our customers. Network, compute and storage resources are all shared in our secured private VPC in AWS, so logical separation of customer data is required.  To enable this, every customer is allocated a unique identifier on the Mio system, and this unique reference is used to locally separate the data between each customer.

Will Mio connect to or integrate with any of my organization’s own networks, applications, or services?

Mio securely integrates with your messaging platforms and never asks for more permissions than necessary to make the app function as intended. Read more about each scope and why we need them in our Help Center for Google Chat and Microsoft Teams.

How does Mio encrypt data in transit and at rest?

All data transmitted via Mio systems uses TLS 1.2 or later, to enable encryption in transit. Sensitive payloads are encrypted using AES-256. Data at rest is also encrypted to a minimum standard of AES-256 at the vendor layer, with additional controls for sensitive data at the application level.

How does Mio ensure network security?

Public access to Mio is restricted to a limited number of front-end servers with minimal open ports. Our service runs on tightly controlled private networks, monitored and reported on proactively. Internal access by Mio employees is tiered, logged, and restricted by VPN, adhering to the principle of least privilege.

How does Mio andle authentication and access?

Mio does not store plain text passwords or similar sensitive credentials. Instead, we use our platform partners' SSO authentication systems, processing and storing only encrypted tokenized access credentials for our users.

Where can I find additional security information?

For those interested in more detailed security documentation, such as our SOC 2 Type II report and other reports, you can access these in our Trust Center. Please note that you will need to sign an NDA with us to gain access.

Conclusion

Thank you for joining this overview of Mio's security features.

For more detailed information, please visit our security page.

Stay tuned for more lessons here at Mio Academy, where we help you become an expert on all things Mio. See you next time!