We prioritize security at every stage of the development lifecycle management to ensure stable, secure services for our users. Our DevOps organization is supported by a professional security operation team and standard security operation mechanisms to promptly address any security incidents and respond to it as soon as we are aware of it.
Following an SDLC (Software Security Development Lifecycle) management process that prioritizes security at every stage of development, we continuously assess risks to better protect user data privacy based on security compliance. Our active detection capabilities and red-blue team in the attack and defense labs help us efficiently address security issues in the R&D lifecycle.
We strictly enforce a vulnerability management process to ensure the security of our cloud services through measures such as penetration work, quality assurance, and external audit. Our professional teams track and follow up on vulnerabilities until they are resolved, ensuring the confidentiality, integrity, and availability of our cloud platform resources. We also have a complete threat intelligence system to detect external threats and mitigate potential risks and threats as early as possible, while maintaining a high level of default built-in security.
To ensure the regular and continuous operation of our users, Lark has established an emergency response team and developed a standard emergency response process for all security events. We use alarms, feedback, and other resources to identify potential security events and respond to them as soon as possible.
Lark supports Single-sign on (SSO) through standard protocols and the enterprise's existing identity platform, adhering to the enterprise's account security specifications and policies. Lark also offers the option of using its own authentication to enhance account security through two-step verification and other features.
Lark offers flexible permission control measures to help administrators grant only the necessary permissions to organization members. Through visibility configuration and communication and collaboration permissions, administrators can create information barriers within the organization to prevent inefficient information disturbance for sensitive personnel and safeguard sensitive information within the organization.
Lark offers multi-dimensional protection capabilities for organizational data, including data leakage prevention capabilities for core data flow scenarios, screen watermarking to prevent screenshot leakage, and the ability to provide secure labels for cloud document scenarios. These features help enterprises better control information security risks.
Given the rise in mobile office and Bring Your Own Device (BYOD) requests, Lark offers lightweight terminal management capabilities, such as mobile file encryption and paste protection, to ensure that assets within Lark do not flow to user terminals.
