To homepage To homepage
Question

security concerns with glip

  • 13 May 2019
  • 4 replies
  • 347 views
T

I am disappointed by the lack of support as well as security for the glip app. We have recently had an incident in which a new member was added to our glip app, but no one actually added them. A second incident happened this past weekend, in which a post was supposedly made by one of our employees, however, he says he did not make the post.


Is there any way to see where an account was logged in from? Possible IP address? We cannot tell if this one employee's account has been hacked or if someone is able to access our account from outside. What are different security measures we can look at to ensure we are not continuing to be hacked?

4 replies

C


USA-based acct | 2287 Users | 3800 DID lines | 28 sites | all Polycom VVX500 phone handsets


The Enterprise Security options for Glip are not robust enough for use on our network - we have requested these improvements over a year ago when we restricted any use of Glip by users on our account for these reasons.  You may want to read our write up of these issues

http://ringcentraladminusersgroup.org/faq/glipsec.html

Join our unofficial RingCentral Admins User Group 
http://ringcentraladminusersgroup.org/index.html
S
Hey Tammy, our Glip Support team is going to look into this. I've had case 08752181 created for this issue. If you haven't already heard from the agent, you should soon :)
C
@Tammy - this is our point exactly - there is no Enterprise level security in GLIP  which makes it not usable for our organization.   http://ringcentraladminusersgroup.org/faq/glipsec.html  

Our list of concerns for Enterprise use of Glip include:

 

No User Message Moderation by SuperAdmin is available

We have been told that Team Moderation is planned for first half of 2019 but no firm date yet, and no details for exactly which specific aspects of Glip will be available for moderation by Admins.

Need for SuperAdmin to restrict ability of any user's ability to send a Glip message to ALL USERS in the entire organization without moderation or Admin approval, 

Need ability for SuperAdmin to control who can and cannot create Teams only as approved by SuperAdmin

Users can change their name in GLIP at will.  Basic users should not be able to edit and/or change their name as set by the SuperAdmin when the account was provisioned.  Name changes for RingCentral Users - across ALL RingCentral products should be by SuperAdmin only.

File Sharing is all or nothing -

Use case: thousands of users hit because one trusted user, accidentally or on purpose, sent an attachment to all staff --- calculate the labor overhead to clean that per incident.   Need ability for SuperAdmin to force any User-attachments to go through Enterprise Endpoint Protection/Virus Scan prior to delivery. Glip operates inside your network, needs to be compliant with Endpoint Virus and Malware scanning products
T
Completely agree, Cecile.  Unfortunately we will need to move away from Glip as well for these reasons.

Reply


Terms & ConditionsCookie settings
PRODUCTS
RingEX
Message
Video
Phone
OPEN ECOSYSTEM
Developer Platform
APIs
Integrated Apps
App Gallery
Developer support
Games and rewards

RESOURCES
Resource center
Blog
Product Releases
Accessibility
QUICK LINKS
App Download
RingCentral App login
Admin Portal Login
Contact Sales
© 1999-2024 RingCentral, Inc. All rights reserved. Privacy Notice