Data security within Folgo

This article answers the question: "Can I trust Folgo with my data?" And the answer is an emphatic Yes. Folgo has been selected by the “Recommended for Google Workspace apps” (you will find more information about what this means here: 2023 recommended for Google Workspace apps). In order to actually get this recommendation we needed to undergo a rigorous CASA assessment (you can find more here: CASA Tiering | App Defense Alliance), the highest level of assurance in the CASA framework. This proves that Folgo keeps users’ (your) data safe by verifying that we have the capability to handle data securely. 

CASA Tier 3 Assessment

To get the recommendation you do not only need to pass the CASA assessment, you need to get the highest requirements which means CASA tier 3.  

This assessment checks the application deployment infrastructure and any user data storage location for compliance with all CASA requirements. This demonstrates capability in handling data securely.

In order to maintain the highest level of data security, Folgo needs to undergo this CASA Tiering assessment on an annual basis, this process is called the CASA Tiering Reassessment, also known as Annual Recertification.

A prominent security firm, Prescient Security (Prescient Security), rigorously audited Folgo in April 2023, making sure that it indeed met all the requirements.

What does the CASA Tier 3 assessment include?

The CASA framework includes requirements for both functional and non-functional security controls. Functional security controls are those that protect the application from unauthorized access, data breaches, and other malicious attacks. Non-functional security controls are those that ensure the application is reliable, scalable, and performant.

In addition to these three activities, the assessor may also conduct other security assessments, such as:


HECVAT (Higher Education Community Vendor Assessment Tool)

The HECVAT assesses the information security, privacy, and data protection practices of our platform. It is widely used by universities and other institutions to evaluate the risks of working with third-party vendors like Folgo, ensuring we meet the rigorous standards necessary to handle sensitive information.

Data Access

When you install Folgo on your Google account, you will be prompted to authorize different accesses. Those authorizations will only be used to perform the service you are requesting from the add-on you have installed.

Still, need help? Contact Us.