I. Intro
Availability: Some of the features described in this article are in beta.
Who can perform these steps: Primary administrators or administrators with permissions for corresponding features.
Lark comes with comprehensive security management capabilities, helping organization administrators build corporate security regulations and establish trust with organization members.
II. About Lark security features
Lark offers various ways to ensure account security and a convenient user experience for members. For example, two-step verification, login password management, and other features.
250px|700px|reset
Lark supports continuous verification of user access requests based on conditions such as personnel, network, and devices. For example, by configuring access policies (beta feature), organizations can require members to log in to the Lark organization account only from trusted devices (such as organization-owned devices and registered personal devices) or trusted networks (such as organization public IP), thereby effectively reducing information leakage. With file policies (beta feature), organizations can prevent members from downloading the organization's Wiki spaces, documents, and other resources in external environments.
250px|700px|reset
Administrators can take flexible permission control measures in Lark to grant organization members the minimum necessary permissions.
For example, an administrator can configure the visibility of organizational structure and communication and collaboration permissions to keep sensitive information to the relative people only; they can also restrict file operation permissions to limit members' actions on documents to prevent information leaks due to unnecessary permissions.
250px|700px|reset
Mobile office has brought concerns about the risk of personal devices leaking office information. Lark provides lightweight terminal management capabilities to ensure efficiency while preventing information leaks. For instance, administrators can enable screen capture protection (beta feature) to restrict members from capturing and recording content within the Lark app; they can also enable paste protection to only allow members to copy and paste content within Lark instead of sharing copied content externally.
250px|700px|reset
To ensure the information security of the organization, administrators can configure alert rules in the Risk Insights > Alert Center or directly use the default rules to detect abnormal operations by members. They can also review the Vulnerabilities page to quickly analyze the detected risky behaviors.
Note: This feature is in beta.
250px|700px|reset
The administrator can create data discovery (beta feature) tasks to scan the content of Lark documents and files in the organization to identify sensitive information in existing documents. This helps to prevent the storage and use of non-compliant data.
III. Related