# Security Overview

This guide outlines frequently asked questions from security teams. Please note that this page is for informational purposes only. Although we do our best to keep this information up to date, you should always refer to our Terms (https://www.ashbyhq.com/resources/terms), our Privacy Policy (https://www.ashbyhq.com/resources/privacy), our Trust Center (https://trust.ashbyhq.com/), or your signed agreements with Ashby for the most accurate information. Please reach out to support@ashbyhq.com if you have questions not addressed on this page.

## Overview

This guide helps IT and security teams understand how Ashby integrates with your systems and what access it requires, so that you can evaluate the tradeoffs. It includes:

- A breakdown of Ashby's platform and security model
- Integration options for SSO and SCIM
- Links to more detailed, relevant documentation

Use this guide to make informed decisions that balance integration benefits with your organization's risk posture.

## About Ashby

### What does Ashby do?

Ashby is an all-in-one recruiting platform that replaces several classes of software your talent team may use. As a result, Ashby's integration with IT systems requires access similar to that of the software it replaces. Below is a summary:

| Software class | Comparable software | Data access |
| --- | --- | --- |
| ATS | Greenhouse, Lever | HRIS read/write (e.g., Workday) |
| Sourcing/CRM | Gem, SourceWhale, Interseller | Email read/send |
| Scheduling | Calendly, GoodTime, ModernLoop | Calendar read/write |

Ashby requests the minimum access necessary to provide full functionality. While you can limit access, doing so may impact the talent team's experience. This document aims to help you assess your options and their tradeoffs so that you can make an accurate risk assessment of Ashby.

### Security, privacy, and reliability at Ashby

The integrations we request give Ashby access to data that is sensitive to your company, and we take this responsibility seriously. Here are the measures we take:

- Conduct annual SOC 2 Type II audits and white-box pentests
- Use vulnerability detection tools for infrastructure, third-party packages, and applications
- Employ a global team of reliability engineers for high availability and security
- Provide resources for compliance with privacy laws like GDPR and CCPA (see the GDPR overview)

All data in Ashby is encrypted at rest and in transit, is logically separated per customer, and is stored behind a VPC. For details, see our Security page (https://www.ashbyhq.com/resources/security).

## What access does Ashby request?

Ashby integrates with Google Workspace and Microsoft 365 to provide features that enhance hiring speed and efficiency. These integrations increase the risk profile of Ashby as a vendor, but provide significant benefits to your talent team.

Ashby requests access to the emails and calendars of your team members involved in the hiring process. Ashby will store a subset of this data in our database to allow us to provide a fast and reliable user experience. Our database is encrypted at rest, logically separated by customer, and behind a VPC. All data transmitted between your IT systems, Ashby's servers, and Ashby's clients is encrypted in transit. For more information, please read our Security Overview.

### Email (via Google Workspace and Microsoft 365)

For more on these two integrations, see their dedicated integration documentation.

Ashby supports email syncing via Google Workspace and Microsoft 365 when relevant to the hiring process. Only emails from Ashby users with an Elevated Access or Organization Admin role are synced, since these roles are assigned to employees involved in the hiring process. From these users, we only store emails sent from Ashby or involving a candidate:

- Emails containing a To, CC, or BCC with the candidate's email, and subsequent emails marked by the email provider as being in the same email thread
- Emails sent from Ashby, and subsequent emails marked by the email provider as being in the same email thread

Ashby provides additional controls within the application to:

- Mark emails as private, and automatically mark emails during the offer stage as private; viewing these emails requires an explicit access role in Ashby
- Hide emails when a candidate moves to the Offer and Hired stages
- Not sync emails related to a candidate after they are hired
- Not sync emails related to a candidate considered for a confidential job

### Calendar (via Google Workspace and Microsoft 365)

Ashby supports calendar syncing via Google Workspace and Microsoft 365.

What gets synced:

- All accessible calendars and events, including shared calendars (e.g., an "Interviews" calendar)
- Personal calendars, which are used to determine interviewer availability

Privacy and visibility controls. Ashby respects calendar settings:

- Events marked as "private" are not shown in detail
- Events shown as "free" or "busy" will only display availability
- Calendar visibility settings are honored during scheduling to protect sensitive information

## How does Ashby manage user access?

Ashby offers a secure and flexible authorization model with granular permissions to manage user access. We also apply a strict permission system within Ashby, where users are granted access to jobs and candidate records on a need-to-know basis (see "Access control" below). Our default user access is very limited and cannot access any candidate or job data. Employees cannot access their own candidate profile (their candidate profile must be linked to their employee profile in Ashby to prevent this), and we support truly confidential jobs that only the creator and those they give access to can see.

### Our authorization model

By default, Ashby assigns new users a "Limited Access" role. These users can:

- Submit interview feedback for interviews they participated in
- Submit referrals or applications for internal jobs

Limited Access users cannot:

- View sensitive information, such as jobs or candidates
- Sync or send emails through Ashby

Ashby provides granular permission settings for administrators to customize user access. Full details are available in the Ashby knowledge base.

### Single sign-on (SSO) and directory sync

Ashby supports SSO via Google Workspace, Office 365, or Okta.

- User offboarding: users offboarded in your directory automatically lose Ashby access.
- User onboarding: new users are automatically assigned the "Limited Access" role.

Account sync for non-employee accounts: when syncing with your domain provider (Google or Microsoft), non-employee accounts, such as contractors or service accounts, may also appear in Ashby. By default, non-employee accounts are assigned the "Limited Access" role. These users can log in and be scheduled for interviews, but cannot view sensitive data like jobs or candidates.

Management options:

- Disable access: Organization Admins can revoke access for any synced account.
- Contractor access: for contractors requiring limited access, Ashby supports agency users. Learn how to share your account selectively.

### Audit logging

Ashby maintains audit logs to track changes to important records. Logs are not currently accessible via the product or API, but can be provided upon request through Ashby support.

### Ashby Bot and Ashby Success users

On the Employees page, you will see two system users:

- Ashby Bot: used to associate API usage and automation with a specific user for auditing purposes.
- Ashby Success (success@ashbyhq.com): used by our support team (with your permission) to assist with troubleshooting or changes.

These users cannot be removed, as they are required to provide support and maintain system functionality.
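To help a reviewer reason about how much mailbox data the email integration above actually puts in scope, here is an added illustrative model of the sync rules as this page states them (the role gate, the candidate-addressed and sent-from-Ashby triggers, thread propagation, and the two optional "do not sync" controls). This is example code written for this page, not Ashby's implementation; the `Message`, `Candidate` and `sync_scope` names, the timestamp-based notion of "subsequent" thread messages, and all sample addresses are assumptions constructed for the demonstration.

```python
"""Illustrative model of the email-sync scoping rules described on this page (not Ashby's code)."""
from dataclasses import dataclass
from typing import Optional

# Roles whose mailboxes are read at all; any other role (e.g. "Limited Access") is never synced.
HIRING_ROLES = frozenset({"Elevated Access", "Organization Admin"})


@dataclass(frozen=True)
class Message:
    msg_id: str
    ts: int                    # provider timestamp; orders "subsequent" messages in a thread
    mailbox: str               # address of the Ashby user whose mailbox the message was read from
    thread_id: str             # thread id assigned by the email provider
    sender: str
    recipients: frozenset      # To + CC + BCC addresses
    sent_via_ashby: bool = False


@dataclass(frozen=True)
class Candidate:
    email: str
    hired_at: Optional[int] = None   # timestamp of the hire, if any
    confidential_job: bool = False   # candidate is only considered for a confidential job


def sync_scope(messages, user_roles, candidates, *, skip_hired=True, skip_confidential=True):
    """Return the ids of the messages that would be stored, in timestamp order.

    user_roles maps a mailbox address to its Ashby role. skip_hired and skip_confidential
    model the optional "do not sync" controls listed on the page.
    """
    by_email = {c.email: c for c in candidates}
    thread_candidate = {}   # thread id -> candidate address, once the thread is in scope
    stored = []
    for m in sorted(messages, key=lambda msg: msg.ts):
        # Rule 1: only mailboxes of users holding a hiring role are synced.
        if user_roles.get(m.mailbox) not in HIRING_ROLES:
            continue
        # Rule 2: a message qualifies if a candidate is addressed, it was sent from Ashby,
        # or the provider places it in a thread that already qualified.
        addressed = [e for e in m.recipients if e in by_email]
        if m.thread_id in thread_candidate:
            cand_email = thread_candidate[m.thread_id]
        elif addressed:
            cand_email = addressed[0]
        elif m.sent_via_ashby:
            cand_email = None
        else:
            continue
        # Rule 3: the optional controls drop mail about hired or confidential-job candidates.
        cand = by_email.get(cand_email) if cand_email else None
        if cand is not None:
            if skip_hired and cand.hired_at is not None and m.ts >= cand.hired_at:
                continue
            if skip_confidential and cand.confidential_job:
                continue
        thread_candidate.setdefault(m.thread_id, cand_email)
        stored.append(m.msg_id)
    return stored


# Constructed sample data: two users, three candidates, six messages.
USER_ROLES = {
    "alice@corp.example": "Organization Admin",
    "bob@corp.example": "Limited Access",
}
CANDIDATES = [
    Candidate("cand1@mail.example"),
    Candidate("cand2@mail.example", confidential_job=True),
    Candidate("cand3@mail.example", hired_at=8),
]
MESSAGES = [
    Message("m1", 1, "alice@corp.example", "t1", "alice@corp.example", frozenset({"cand1@mail.example"})),
    Message("m2", 2, "alice@corp.example", "t1", "cand1@mail.example", frozenset({"alice@corp.example"})),
    Message("m3", 3, "alice@corp.example", "t2", "alice@corp.example", frozenset({"carol@corp.example"})),
    Message("m4", 4, "bob@corp.example", "t3", "bob@corp.example", frozenset({"cand1@mail.example"})),
    Message("m5", 5, "alice@corp.example", "t4", "alice@corp.example", frozenset({"cand2@mail.example"})),
    Message("m6", 10, "alice@corp.example", "t5", "alice@corp.example", frozenset({"cand3@mail.example"})),
]


def demo(**controls):
    """Run the model over the constructed sample with the given control settings."""
    return sync_scope(MESSAGES, USER_ROLES, CANDIDATES, **controls)


if __name__ == "__main__":
    print("default controls   :", demo())
    print("hired mail kept    :", demo(skip_hired=False))
    print("confidential kept  :", demo(skip_confidential=False))
```

With the default controls only the candidate thread `t1` (both the outbound message and the candidate's reply) is stored: Bob's mailbox is excluded by the role gate, the internal message has no candidate and was not sent from Ashby, and the hired and confidential-job candidates are dropped by the controls. Turning a control off shows exactly which additional messages come into scope, which is the tradeoff a security team needs to weigh.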
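The directory-sync section above states what should happen automatically (offboarded users lose access, new and non-employee accounts start as "Limited Access", and the two system users cannot be removed). Because the page also notes that audit logs are only available on request, a security team will want its own periodic check that the user list matches those expectations. The following reconciliation is an added example written for this page, not an Ashby feature or API: the `DirectoryAccount` and `AppUser` records, the `system` flag standing in for Ashby Bot and Ashby Success, the `approved_elevated` allowlist, and all sample accounts are assumptions; in practice you would populate the two lists from your identity provider's export and the Employees page.

```python
"""Added example: reconcile an identity-provider export against the Ashby user list (not Ashby's code)."""
from dataclasses import dataclass

LIMITED = "Limited Access"   # the default role the page says new and non-employee accounts receive


@dataclass(frozen=True)
class DirectoryAccount:
    email: str
    active: bool     # False once the account is offboarded in the directory
    kind: str        # "employee", "contractor" or "service" (assumed classification)


@dataclass(frozen=True)
class AppUser:
    email: str
    role: str
    enabled: bool
    system: bool = False   # Ashby Bot / Ashby Success, which the page says cannot be removed


def reconcile(directory, app_users, approved_elevated):
    """Return (email, finding) pairs for enabled app users that violate the stated expectations."""
    dir_by_email = {a.email: a for a in directory}
    findings = []
    for u in app_users:
        if not u.enabled or u.system:
            continue   # disabled accounts and the two built-in system users are out of scope
        acct = dir_by_email.get(u.email)
        if acct is None or not acct.active:
            # Offboarding is supposed to be automatic; an enabled app user with no active
            # directory account is the first thing to investigate.
            findings.append((u.email, "offboarded-but-enabled"))
            continue
        if acct.kind != "employee":
            # Non-employee accounts default to Limited Access; anything more is a policy decision
            # that should have been made deliberately (or handled as an agency user instead).
            kind_of_finding = "non-employee-with-elevated-role" if u.role != LIMITED else "non-employee-synced"
            findings.append((u.email, kind_of_finding))
            continue
        if u.role != LIMITED and u.email not in approved_elevated:
            # New employees start as Limited Access, so any elevated role must trace back to an approval.
            findings.append((u.email, "unapproved-elevated-role"))
    return findings


# Constructed sample data: what the directory export and the Employees page might contain.
USER_DIRECTORY = [
    DirectoryAccount("alice@corp.example", True, "employee"),
    DirectoryAccount("bob@corp.example", True, "employee"),
    DirectoryAccount("carol@corp.example", False, "employee"),      # offboarded in the directory
    DirectoryAccount("ctr-dan@corp.example", True, "contractor"),
    DirectoryAccount("svc-scanner@corp.example", True, "service"),
]
APP_USERS = [
    AppUser("alice@corp.example", "Organization Admin", True),
    AppUser("bob@corp.example", "Elevated Access", True),
    AppUser("carol@corp.example", "Elevated Access", True),         # should have lost access
    AppUser("ctr-dan@corp.example", "Elevated Access", True),
    AppUser("svc-scanner@corp.example", "Limited Access", True),
    AppUser("success@ashbyhq.com", "Organization Admin", True, system=True),
]
APPROVED_ELEVATED = {"alice@corp.example"}   # assumed allowlist kept by the security team


def run_check():
    """Reconcile the constructed sample and return the findings."""
    return reconcile(USER_DIRECTORY, APP_USERS, APPROVED_ELEVATED)


if __name__ == "__main__":
    for email, finding in run_check():
        print(f"{finding:34} {email}")
```

The check deliberately treats "non-employee-synced" as a finding even for a Limited Access account: the page states such accounts can still log in and be scheduled for interviews, so each one should be either intentionally kept, disabled by an Organization Admin, or converted to an agency user.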