Challo is the all-in-one collaboration tool—A tool for meetings, chat, and content workspaces. Whether you are collaborating with vendors, suppliers, clients, or partners Challo allows for seamless and secure collaboration between multiple companies. This article introduces the bases of Challo security.
Posted on June 16, 2020 by Thomas Hill
Challo has been built for inter-company collaboration, and enterprise security is the focus of Challo. CafeX takes the privacy and security of customer data very seriously by implementing strict data center, network security, and application security best practices. Also, Challo and any services used are ISO 27001 and PCI/DSS Service Provider Level 1 compliant.
Bring your own storage
In the cloud, the integrity of your data is paramount. The most basic security question is:
Where is your data, right now?
Bring Your Own Storage is a Challo feature that lets enterprises use their AWS or Azure data stores, to store only their data. Data such as files and meeting recordings are uploaded to your data store instead of using storage inside the Challo infrastructure.This means your organization can abide by local compliance rules and regulations and allows you to answer your security questions confidently. Put simply, your own your data.
As well as Bring Your Own Storage, Challo provides you with many application integrations to access resources directly from your cloud providers. In addition, Challo provides read-only access to these resources for the collaborators your choose. There is no need to duplicate and copy documents, and it’s unnecessary to manage guest accounts for external collaborators. By using Challo, everyone works from original documents.
Challo provides permissions to manage those using Challo. A partnership between two organizations can be established so that two organizations can set the permissions to control the way that individuals in both organizations may interact with each other.
Transport and storage
All Challo communication is encrypted using industry standard such as HTTPS and Transport Layer Security (TLS), over public networks. The traffic between end-users and Challo is secure during transit.
Challo segregates customer data and provides unique encryption keys for every organization, so the data of an organization cannot decrypted or modified, by another.
Challo follows secure credential storage best practices. You can provide credentials to Google, Microsoft, or Apple SSO to access the Challo service and make use of security features such as Multi-factor authentication. Challo never stores passwords in a human readable format. Challo stores secure, salted, one-way hashes of passwords.
Challo provides the following controls for meeting security:
- Unique and random meeting UUIDs [32-characters]
- Meeting lock—To stop guest or unauthenticated access.
- Waiting rooms—Moderators can validate participants before they join
- Moderators can mute and expel participants.
- Browser-based WebRTC solution, no downloads or plugins
- Meeting recordings can be disabled.
- Guests cannot start to record meetings.
You can find more information on security, privacy, and compliance programs at: Challo security datasheet.