Safety is a
shared responsibility
MyDesk provides a secure platform, but security requires collaboration. This describes the customer's own responsibility for user management, identity policies and configuration.
Shared responsibility model
In a cloud-based SaaS solution like MyDesk, security is a shared responsibility between MyDesk and the customer. MyDesk is responsible for the security of the platform, infrastructure and application. The customer is responsible for the security of their use of the platform.
Customer responsibility for user management
Customer is responsible for managing user access to MyDesk, including:
- Creating and deleting user accounts
- Assigning correct roles and rights
- Deprovisioning access upon resignation
- Regular review of user access
- Suspicious activity reporting
Identity policies and MFA
Customer is responsible for configuring and enforcing appropriate identity policies in its Microsoft Entra ID tenant, including MFA requirements, conditional access policies and password policies.
Configuration and settings
Customer is responsible for properly configuring MyDesk in accordance with its security requirements, including access levels, notification settings and integration configurations.
Security incident reporting
Customer is encouraged to report suspicious activity, potential security breaches and other security-related concerns to the MyDesk Security Team as soon as possible.
Customer responsibility
- User administration
- Access review
- MFA configuration
- Conditional access policies
- Deprovisioning upon resignation
- Incident reporting
Security requires collaboration
User administration
The customer manages user access, roles and deprovisioning.
Identity policies
The customer configures MFA and conditional access in their Entra ID tenant.
Incident reporting
The customer reports suspicious activity to the MyDesk Security Team.
Do you have any questions?
Contact our Security Team directly - we answer security, compliance and documentation questions quickly and accurately.
