This caused me a bit of panic until I discovered the following:
- Because his e-mail was associated with the same domain as mine, when he created his ID, Glip recognized that we already had a Glip instance configured and it added him to it. To its credit, Glip confirms the user's "legitimacy" by making them click on a link in an e-mail that gets sent to their supplied address before activating the account.
- While he was able to get in, he was able to get into the "Organization-wide" team, but none of the individual teams that we had configured.
- He was able to see/IM others in the organization.
Has anybody else stumbled across this "feature"? What are your thoughts?
I'd be particularly interested in hearing RingCentral's position on this.