Security User Guide

Learn how to protect your data and use security features effectively in chatTask.

Account Security

Setting Up Multi-Factor Authentication (MFA)

Multi-factor authentication adds an extra layer of security to your chatTask account. We highly recommend enabling MFA for all users.

1

Access Security Settings

Navigate to your account settings and click on the "Security" tab. You'll find the MFA setup option under "Authentication."

2

Choose Your MFA Method

Select your preferred authentication method:

  • Authenticator App: Use Google Authenticator, Authy, or similar apps
  • SMS: Receive codes via text message
  • Hardware Keys: Use FIDO2/WebAuthn compatible keys
3

Complete Setup

Follow the on-screen instructions to complete your MFA setup. Make sure to save your backup codes in a secure location.

Security Tip

Store your backup codes in a secure password manager or write them down and keep them in a safe place. These codes can help you regain access to your account if you lose your primary MFA device.

Creating Strong Passwords

Your password is the first line of defense for your account. Follow these guidelines for creating strong passwords:

  • Use at least 12 characters with a mix of uppercase, lowercase, numbers, and symbols
  • Avoid common words, personal information, or patterns
  • Use a unique password for chatTask (don't reuse passwords from other services)
  • Consider using a password manager to generate and store strong passwords

Data Protection

How Your Data is Protected

chatTask implements multiple layers of security to protect your data:

  • Encryption in Transit: All data is encrypted using TLS 1.3 when transmitted between your device and our servers
  • Encryption at Rest: Your data is encrypted using AES-256 encryption when stored on our servers
  • Database Security: All databases are encrypted and access is strictly controlled
  • Network Security: Our infrastructure uses firewalls, intrusion detection, and regular security monitoring

Data Retention and Deletion

Understanding how long your data is stored and how to delete it:

  • Active Data: Your datasets and analyses are retained while your account is active
  • Deleted Data: When you delete data, it's permanently removed from our systems within 30 days
  • Account Deletion: When you delete your account, all associated data is permanently removed
  • Backup Retention: Encrypted backups are retained for 90 days for disaster recovery purposes

Access Controls

Team and Organization Access

For team and organization accounts, you can control who has access to your data:

Role-Based Access Control

  • Admin: Full access to all data and settings
  • Analyst: Can create and run analyses, limited administrative access
  • Viewer: Can view shared analyses and reports, no editing capabilities
  • Guest: Limited access to specific shared content only

Managing Team Access

1

Navigate to Team Settings

Go to your organization settings and select "Team Management" to view and manage team member access.

2

Invite Team Members

Send invitations to team members with appropriate role assignments. New members will receive an email invitation.

3

Review and Audit Access

Regularly review team member access and remove users who no longer need access to your data.

Secure Data Uploads

Best Practices for Data Uploads

Follow these guidelines when uploading sensitive data to chatTask:

Data Preparation

  • Remove PII: Remove or anonymize personally identifiable information when possible
  • Data Minimization: Only upload the data necessary for your analysis
  • File Formats: Use secure file formats (CSV, JSON, Parquet) rather than proprietary formats
  • File Size: Consider the sensitivity of large datasets and use appropriate security measures

Upload Security

All file uploads are:

  • Encrypted during transmission using TLS 1.3
  • Scanned for malware and viruses
  • Validated for file integrity
  • Stored with AES-256 encryption

Important Notice

Never upload data containing unencrypted credit card numbers, social security numbers, or other highly sensitive personal information unless absolutely necessary for your analysis.

Privacy Settings

Data Sharing Controls

Control how your data and analyses are shared:

Analysis Sharing

  • Private: Only you can access the analysis
  • Team: Members of your organization can access
  • Public: Analysis results can be shared publicly (no raw data)

Data Export Controls

  • Control who can export analysis results
  • Set restrictions on data download permissions
  • Monitor and audit data export activities

Communication Preferences

Manage how chatTask communicates with you:

  • Security Notifications: Receive alerts about security events (recommended to keep enabled)
  • Product Updates: Get notified about new features and security improvements
  • Marketing Communications: Opt-in/out of marketing emails

Security Monitoring

Account Activity Monitoring

Monitor your account for suspicious activity:

Activity Logs

Review your account activity logs regularly to identify:

  • Unusual login locations or times
  • Unexpected data access or downloads
  • Changes to security settings
  • Failed login attempts

Security Alerts

chatTask will automatically notify you of:

  • Successful logins from new devices or locations
  • Multiple failed login attempts
  • Changes to your account security settings
  • Suspicious data access patterns

Automated Security Features

chatTask includes several automated security features:

  • Anomaly Detection: AI-powered detection of unusual account activity
  • Brute Force Protection: Automatic blocking of repeated failed login attempts
  • Session Management: Automatic logout after periods of inactivity
  • Device Recognition: Identification and tracking of known devices

Incident Response

What to Do if You Suspect a Security Issue

1

Immediate Actions

  • Change your password immediately
  • Review your account activity logs
  • Check for any unauthorized data access or changes
  • Enable MFA if not already enabled
2

Contact Support

Immediately contact our security team at [email protected] with:

  • Details of the suspected security incident
  • Time frame when you noticed the issue
  • Any suspicious activity you observed
  • Steps you've already taken to secure your account
3

Follow-Up Actions

  • Work with our security team to investigate the incident
  • Implement additional security measures as recommended
  • Monitor your account closely for any further suspicious activity
  • Update your security practices based on lessons learned

Security Best Practices

Daily Security Habits

  • Always Log Out: Log out when finished, especially on shared computers
  • Use Secure Networks: Avoid public Wi-Fi for sensitive work
  • Keep Software Updated: Ensure your browser and operating system are up-to-date
  • Be Wary of Phishing: Always verify chatTask emails and never click suspicious links

Organizational Security

  • Regular Access Reviews: Periodically review who has access to your data
  • Security Training: Ensure all team members understand security best practices
  • Incident Response Plan: Have a plan for responding to security incidents
  • Data Classification: Classify data by sensitivity and apply appropriate protections

Advanced Security Features

For enhanced security, consider these additional features:

  • IP Whitelisting: Restrict access to specific IP addresses
  • SSO Integration: Use single sign-on with your organization's identity provider
  • API Security: Implement proper authentication for API usage
  • Audit Logging: Enable comprehensive audit logging for compliance

Need Help?

If you have questions about any of these security features or need assistance with implementation, don't hesitate to contact our support team at [email protected] or our security team at [email protected].