Foreman Todd
This bot allows Foreman users to receive notifications regarding their miners as soon as problems arise. All notifications are based on the user's Trigger configurations. Based on configurable rules, messages will get published to a shared channel, promoting operator collaboration and real time alerting.
Permissions
Foreman Todd will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
OBM, Inc.
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
OBM, Inc shall retain data as long as the company has a need for its use, or to meet regulatory or contractual requirements. Once data is no longer needed, it shall be securely disposed of or archived. Data owners, in consultation with legal counsel, may determine retention periods for their data. Retention periods shall be documented according the information below:
System or application: OBM, LLC SaaS Products (Google Cloud)
Data description: Customer Data
Retention Period: Indefinite
System or application: OBM, LLC Customer Support Tickets (Gmail)
Data description: Support Tickets and Cases
Retention time: Indefinite
System or application: OBM, LLC Security Event Data (Google Cloud)
Data description: Security and system event and log data, network data flow logs
Retention time: Indefinite
System or application: OBM, LLC Vulnerability Scan Data
Data description: Vulnerability scan results and detection data
Retention time: 1 year
System or application: OBM, LLC Customer Sales (Google Drive)
Data description: Opportunity and Sales Data
Retention time: Indefinite
System or application: OBM, LLC QA and Testing Data (Google Cloud)
Data description: QA, testing scenarios and results data
Retention time: Indefinite
Data archiving and removal policy
Data classified as restricted or confidential shall be securely deleted when no longer needed. OBM, LLC shall assess the data and disposal practices of third-party vendors in accordance with the Third-Party Management Policy. Only third-parties who meet OBM, LLC requirements for secure data disposal shall be used for storing and processing restricted or confidential data. OBM, LLC shall ensure that all restricted and confidential data is securely deleted from company devices prior to, or at the time of disposal.
Data storage policy
Confidential Data Handling
Confidential data is subject to the following protection and handling requirements:
● Access for non-preapproved roles requires documented approval from the data owner
● Access is restricted to specific employees, roles and/or departments
● Confidential systems shall not allow unauthenticated or anonymous access
● Confidential Customer Data shall not be used or stored in non-production
systems/environments
● Confidential data shall be encrypted in transit over public networks
● Mobile device hard drives containing confidential data, including laptops, shall be encrypted
● Mobile devices storing or accessing confidential data shall be protected by a log-on
password or passcode and shall be configured to lock the screen after five (5) minutes of
non-use
● Backups shall be encrypted
● Confidential data shall not be stored on personal phones or devices or removable media
including USB drives, CD’s, or DVD’s
● Paper records shall be labeled “confidential” and securely stored and disposed
● Hard drives and mobile devices used to store confidential information must be securely
wiped prior to disposal or physically destroyed
● Transfer of confidential data to people or entities outside the company shall only be done in accordance with a legal contract or arrangement, and the explicit written permission of
management or the data owner
Restricted Data Handling
Restricted data is subject to the following protection and handling requirements:
● Access is restricted to users with a need-to-know based on business requirements
● Restricted systems shall not allow unauthenticated or anonymous access
● Transfer of restricted data to people or entities outside the company or authorized users shall require management approval and shall only be done in accordance with a legal contract or arrangement, or the permission of the data owner
● Paper records shall be securely stored and disposed
● Hard drives and mobile devices used to store restricted information must be securely wiped prior to disposal or physically destroyed
Public Data Handling
No special protection or handling controls are required for public data. Public data may be freely distributed.
Data center location(s)
United States
Data hosting details
Cloud Hosted on GCP
Data hosting company
GCP
App/service has sub-processors
no
Certifications & compliance
Data deletion request procedure
If you would at any time like to review or change your information in your account or terminate your account, you can contact us using the contact information provided.
Upon your request to terminate your account, we will deactivate your account and delete your user name and ID and other identifying information from our databases.
Cookies and similar technologies: Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Website. To opt-out of interest-based advertising by advertisers on our Website visit http://www.aboutads.info/choices.
Opting out of email marketing: You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that we send or by contacting us using the details provided below. You will then be removed from the marketing email list – however, we may still communicate with you, for example to send you service-related emails that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes. To otherwise opt-out, you may access your account settings and update preferences.
Terminating any third party relationships: You may be using our services as a result of or in connection with your use of services from one or more of our third party partners or vendors. By using our services in conjunction with such a third party relationship, you agree that we may provide to such third party information and data we collect or otherwise have access to from you as requested by such third party and we may rely on that third party’s request as evidence of your permission for us to do so. To the extent that you terminate or otherwise change your relationship with any such third party partners or vendors and desire to terminate such partner’s or vendor’s access to and use of your information and data through us, you need to notify us of such change. We are not responsible for monitoring the status of your relationship with such third parties and we are not responsible for how such third parties use your information and data.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Date of latest pen test
2022-03-01
Executive summary is available to potential customers upon request
yes
Supports Single Sign On (SSO) with the following providers
Okta, Azure
Supports Security Assertion Markup Language (SAML)
no
Has a dedicated security team
no
Contact for security issues
contact@obm.mn
Has a vulnerability disclosure program
no
Vulnerability disclosure program covers Slack app
no
Has a bug bounty program
no
Requires third party authorization/connections
no
Third party services used by this app
Stripe SDK
Uses token rotation
no