Security at Form Approvals

At Form Approvals, protecting customer data is a top priority. Our security program is built on leading industry standards, and we utilize modern security services, tools, and techniques to secure the Form Approvals ecosystem. Below you will find an overview of several security measures employed at our company.

Product Security

  1. Design
    Image showing the Form Approvals architecture
  2. Authorization
    Our application requires specific authorizations to operate, and we only request access to the information necessary to provide you with the service. We adhere to strict security and privacy standards to protect your data.
    When you install the application, it will request authorization to run on your account for the sole purpose of providing the service to you. The add-on requires specific authorizations to operate effectively, including to display and run third-party web content, connect to an external service, and send email notifications on your behalf.
    Each authorization and what it is required for:
    • Display and run third-party web content in prompts and sidebars inside Google applications: This authorization is required for the add-on to work within a sidebar inside Google Forms, where you can add recipients, recipient order, recipient logic, and configure other settings.
    • Allow this application to run when you are not present: This authorization is required for the add-on to detect when form responses are made on your form and include information from the form submission in notifications sent to the requestor and recipients.
    • Connect to an external service: This authorization is required for the add-on to send/retrieve information from Google Cloud Firestore. Refer to the section below titled 'Data Storage'.
    • View and manage your forms in Google Drive: This authorization is required for the add-on to access the form for which you have set up the add-on. The add-on obtains response data from this form and includes it in email notifications to your requestor and recipients.
    • Send email as you / Send email on your behalf: This authorization is required for the add-on to send email notifications to requestors and recipients on your behalf. The add-on will send email from your account each time a form submission is received or an approval is made.
    • See, edit, create, and delete all your Google Sheets spreadsheets: This authorization is required for the add-on to read and write approval records in the spreadsheet linked to your form. Google doesn't provide a way for add-ons to limit the scope to only the spreadsheet that is linked to the form, so authorization to all spreadsheets is required. However, the add-on only ever accesses the spreadsheet that is linked to your form.
    • See, edit, create, and delete only the specific Google Drive files you use with this app: This authorization is required for the add-on to provide the feature that includes an attachment on notifications (i.e., allowing users to choose a file from Google Drive to be used as a template).
    It is important to note:
    • The add-on does not have authorization to read or modify emails in your email account.
    • Unlike other add-ons, Form Approvals does not have broad access to your Google Drive (only what is required to access your Google Forms, Google Sheets and a file you select as a template for an attachment).
    • The add-on will only ever use the authorizations listed above for the sole purpose of providing you the service.
    • The add-on developer and support team have no access to your files. Should you require technical assistance, we may ask you to grant temporary access to your files in order to troubleshoot. You are under no obligation to grant access.
    • Your Google Workspace administrator can use the OAuth Token audit logs to view and monitor the activity of any third-party application.
    If you are still unsure, feel free to use a specific Google account (e.g., formapprovals@yourdomain.com) that only has the Google Form and linked Google Sheet stored within it (and nothing else).
  3. Data Storage
    We do not store your Google Form submission data, and we do not store your approval records either. This information is stored in your spreadsheet and is accessed by the add-on with the authorization you provide.
    When developing the add-on, we consciously designed the information flow in a way that minimizes the data that must be stored. To function, the add-on stores the following minimal information in Google's Cloud Firestore: the add-on administrator's email address, authorization details and file metadata (e.g., Google Form Id, Google Sheet Id). We may also store usage and subscription related information.
    That is the minimum information we are required to store to provide you the service. Further details of the information we collect are in our Privacy Policy. All form response data and approval records are stored in your linked spreadsheet and are therefore not required to be stored separately by the add-on.
  4. Data Residency
    Data stored by the add-on is stored in Google Cloud Platform's data centers. When first configuring the add-on, you will be asked to select a region. The application processes data in the region you select (i.e., when recipients respond to requests and when you view and track the status of requests via our dashboard). Selecting the region closest to you also provides an incremental performance benefit.
    Since your Form Response data and Approval Records are stored in your spreadsheet, the data region policy set by your Google Workspace Administrator determines the location in which this data is stored.
  5. Decommissioning and Data Removal
    Customer data is stored on GCP services and follows a strict decommissioning policy outlined under Secure Data Storage of the Google Infrastructure Security Design Overview. We will manually remove all data associated with your account from our database upon request. You may also review and remove the application's access to your account at any time from the third-party connections page.
  6. Uptime & Reliability
    We prioritize uptime and reliability to ensure uninterrupted service for our customers. Our systems are continuously monitored, and updates are promptly deployed to address any security vulnerabilities or performance issues.

Infrastructure Security

Form Approvals' platform is deployed within a secure environment utilizing modern infrastructure and security services provided by the Google Cloud Platform (GCP). Leveraging GCP and a modern web application stack, we enforce a range of security controls to protect the application and data.

Access Control

  • User accounts utilize MFA, including phishing-resistant protocols such as FIDO2, enhancing the overall security of our GCP environment. The principle of least privilege is enforced for all users who have access to the resources necessary for their roles, minimizing potential security risks.
  • IAM is at the center of securing resources within the GCP environment, ensuring all user and service accounts are authenticated and authorized using least privilege controls.

Data Security

  • All data is protected throughout its lifecycle, including data encryption, data masking, and data anonymization, where applicable. Access controls and data segregation are implemented to prevent unauthorized access or disclosure of sensitive information.
  • Customer data and other forms of sensitive data (e.g. authentication data) are encrypted using Transport Layer Security (TLS) to secure them both in transit and at rest, ensuring their confidentiality and integrity.
  • Key Management best practices are deployed to ensure the encryption key is itself encrypted with a regularly rotated set of master keys, which protect them even in the unlikely event of unauthorized database access.
  • When in transit, mail is encrypted using TLS to ensure a message and its metadata are encrypted as they pass between the sending and receiving mail servers.

Secure Development Lifecycle

  • We prioritize security throughout our software development lifecycle. Our team adheres to secure coding best practices to mitigate vulnerabilities and enhance the quality of our applications. By implementing industry-leading security measures, we ensure that our software meets the highest standards of integrity and reliability.
  • Security is integrated into the product development process with code reviews, static code analysis, and security testing to identify and address security flaws in product code.

Email Security

  • All emails sent from the formapprovals.com domain include DKIM, SPF and DMARC authentication so you can always be sure they are sent from us.
  • All emails are also encrypted using TLS, unless the receiving domain does not accept TLS. Delivery is first attempted over a TLS connection; if the receiving domain does not offer TLS, the message is then delivered over a plaintext SMTP connection.
  • Approval and tracking links within email notifications will direct your users to a subdomain of formapprovals.com. Organizations that utilize URL protection services will need to permit our domain / subdomain. One-click approvals may be disabled by contacting Form Approvals support.

Data Handling

All employees undergo training on data handling. No employee is permitted to access end user data unless required to provide support to an end user. Access to application-level user data is limited to our developers only, who each have physical security keys for their Google account that meet FIDO standards.

Vulnerability Management

We take a proactive approach to vulnerability management, including annual penetration testing, continuous web application scanning, dependency check scanning, and static code analysis scanning. By combining these methods, we ensure the integrity and security of our systems, applications, and data, mitigating risks and enhancing our overall security.

Third Party Security

We take the security of third parties seriously. We assess all third parties for stringent security practices in order to have the most secure solutions in place.

Disaster Recovery

We schedule regular backups and store them in Google Cloud Storage.

Compliance

  • We prioritize the protection of payment transactions. Our web page hosts a secure payment service integrated with a trusted third-party service provider, Stripe. This integration ensures that all payment transactions are processed securely, adhering to industry-leading encryption standards and compliance requirements with PCI DSS. With Stripe's secure infrastructure and our commitment to data protection, you can trust that your payment information is handled with the utmost care and security.
  • GCP is deployed in data centers with the highest level of certifications, including ISO 27001 and SOC 2. Google's robust security measures and compliance standards ensure the confidentiality, integrity, and availability of your data.

Incident Response

Safeguarding your data is important to us. We have a security incident response plan in place to swiftly address any potential security events. In the unlikely event of a security breach, our team will promptly notify you of unauthorized access to your data.

How to Contact Us

Your security and privacy are important to us. If you have any additional questions or concerns, please email security@formapprovals.com. We are here to assist you and address any security-related issues promptly.