tammy123 avatar image
tammy123 asked keith-lazarus13798 commented

security concerns with glip

I am disappointed by the lack of support as well as security for the glip app. We have recently had an incident in which a new member was added to our glip app, but no one actually added them. A second incident happened this past weekend, in which a post was supposedly made by one of our employees, however, he says he did not make the post.

Is there any way to see where an account was logged in from? Possible IP address? We cannot tell if this one employee's account has been hacked or if someone is able to access our account from outside. What are different security measures we can look at to ensure we are not continuing to be hacked?

ringcentral app
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

cglassy3135 avatar image
cglassy3135 answered

USA-based acct | 2287 Users | 3800 DID lines | 28 sites | all Polycom VVX500 phone handsets

The Enterprise Security options for Glip are not robust enough for use on our network - we have requested these improvements over a year ago when we restricted any use of Glip by users on our account for these reasons.  You may want to read our write up of these issues

Join our unofficial RingCentral Admins User Group
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

saadetswift16514 avatar image
saadetswift16514 answered tammy123 commented
Hey Tammy, our Glip Support team is going to look into this. I've had case 08752181 created for this issue. If you haven't already heard from the agent, you should soon :)
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Outstanding - thanks for carrying this forward Saadet!
1 Like 1 ·
Thank you for creating a ticket for this issue.  It is very appreciated.  I did receive a response which basically said that there is no audit trail capability, and (to my understanding) while there is security for Glip's own infrastructure, there is no other security features available for Glip users. 
1 Like 1 ·
cglassy3135 avatar image
cglassy3135 answered keith-lazarus13798 commented
@Tammy - this is our point exactly - there is no Enterprise level security in GLIP  which makes it not usable for our organization.  

Our list of concerns for Enterprise use of Glip include:


No User Message Moderation by SuperAdmin is available

We have been told that Team Moderation is planned for first half of 2019 but no firm date yet, and no details for exactly which specific aspects of Glip will be available for moderation by Admins.

Need for SuperAdmin to restrict ability of any user's ability to send a Glip message to ALL USERS in the entire organization without moderation or Admin approval, 

Need ability for SuperAdmin to control who can and cannot create Teams only as approved by SuperAdmin

Users can change their name in GLIP at will.  Basic users should not be able to edit and/or change their name as set by the SuperAdmin when the account was provisioned.  Name changes for RingCentral Users - across ALL RingCentral products should be by SuperAdmin only.

File Sharing is all or nothing -

Use case: thousands of users hit because one trusted user, accidentally or on purpose, sent an attachment to all staff --- calculate the labor overhead to clean that per incident.   Need ability for SuperAdmin to force any User-attachments to go through  Enterprise Endpoint Protection/Virus Scan prior to delivery. Glip operates inside your network, needs to be compliant with Endpoint Virus and Malware scanning products
1 comment
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Great points, Cecile.  

Related to one of your points, I'd add that one of the nice things about Glip is how easy it is to add external parties to our site.  *I* would love to specify their name though, so that I could add a notation such as "[External-<somecompany>]" to make it clear who they are and what their role in our organization is.  This just isn't possible with how things work now. 

What bothers me most about this category of issue is how little feedback we've had from RingCentral, acknowledging this shortcoming and specifying their plans about how to deal with it moving forward.  
0 Likes 0 ·
tammy123 avatar image
tammy123 answered
Completely agree, Cecile.  Unfortunately we will need to move away from Glip as well for these reasons.
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Work together.
From anywhere.

Team messaging, video meetings
and phone - all in one app.

Get the new RingCentral app