I. Intro
Availability: Some of the features described in this article are in beta.
Who can perform these steps: Primary administrators or administrators with permissions to corresponding features.
Administrators can refer to this article for a brief introduction to the available compliance features in Lark.
II. About Lark Compliance features
Lark provides various protection capabilities for company data:
- DLP (self-developed detection engine, beta feature) and DLP (SkyGuard Engine Integration, beta feature): Administrators can configure DLP (Data Leak Prevention) policies to identify scenarios where sensitive information may leak and perform corresponding actions.
- 250px|700px|reset
- Watermarks: After an administrator enables watermarks, they will appear in the Lark app, Lark Drive, and Lark Admin Console, which protects data and discourages the unauthorized sharing of screenshots and photos.
- 250px|700px|reset
- Secure labels: Administrators can create secure labels to categorize documents by the level of protection that the organization requires for different information, which helps manage the information risks.
- 250px|700px|reset
Lark provides comprehensive logging information and flexible alerting configuration capabilities to help enterprises identify and trace risk-related activities, including admin logs, OpenAPI logs, and member activity logs.
- Admin log: Query and trace the actions of administrators in the Lark Admin Console.
- OpenAPI log: Organizations can develop their own Lark apps through OpenAPI. OpenAPI logs record the calls that Lark App made to OpenAPI.
- Activity auditing: Administrators can view logs of certain member activity on Lark to detect noncompliance and protect your organization's data and information security.
250px|700px|reset
Administrators can create permission search tasks to audit the permissions held by members of Docs, shared folders, wiki spaces, wiki space pages, customized apps, and Minutes. Based on the audit results, administrators can promptly address and correct any permissions that require attention, preventing over-expansion of permissions.
Additionally, with the help of the life cycle policy, administrators can revoke the permissions of offboarding members to ensure that relevant access is safe.
250px|700px|reset
Vault features
Administrators can create eDiscovery cases and allow assigned case auditors to conduct audits on specific services and members.
Note: This feature is in beta. Application for the beta is not currently open.
250px|700px|reset
Trusted-party relationships can be established between Lark and Feishu. After an organization on Lark establishes a trusted-party relationship with an organization on Feishu, the members of the two organizations can find members of the other organization in Search and Contact and work with them in Messenger, Video Meetings, Minutes, Calendar, Tasks, Docs, and so on securely and efficiently.
Note: Separate payment is required for this feature. For more information, contact Support or your Customer Success Manager.
Data residency refers to the geographical location of the server that stores your Lark data. When the organization founder creates the organization, the country or region they select will decide the organization's permanent data residency location, which is not modifiable.
An organization only has one data residency location, but the member's data can be stored in different locations as needed. For international organizations, Lark allows different locations for the data of members from the organization's data, dispersing data from all over the world and storing it locally, making it possible to maintain the necessary inconsistency between the organization and members' data locations.
Note: Separate payment is required for this feature. For more information, contact Support or your Customer Success Manager.
III. Related