uWebChat does not store chat conversations. However, uWebChat uses Microsoft Graph to connect to your Microsoft 365 tenant. By authorizing uWebChat to use Microsoft Graph you can enable agents to store chat conversations to OneDrive. This way, information is stored in your Microsoft 365 tenant and subject to your security and compliancy policies.
How we prevent unauthorized access
uWebChat staff have no access to uWebChat data. Only the Microsoft Bot Framework and GraphAPI can access conversation history. This content is stored inside the security scope of your organization, within Microsoft 365. Access tokens for the GraphAPI are stored in Azure key vault and only accessible by authorized sysadmins, covered by ISO27001 security policies.
What firewalls are in place for uWebChat?
uWebChat is a serverless application. This means that only HTTPS (TLS v 1.2) access is allowed to the Azure Web Application. By default, these services are protected by Basic Azure anti DDOS protection enabled as part of the Azure infrastructure. Always-on traffic monitoring and real-time mitigation of common network-level attacks, provide a similar defense as utilized by Microsoft online services.
Backup and disaster recovery mechanism for uWebChat?
All uWebChat infrastructure components are redundant. Hourly backups are in place for the uWebChat database (containing license and tenant ID information), backup data is stored outside Azure in the Universal Cloud datacenters in the Netherlands.
uWebChat is developed and managed by Universal IT. Universal IT is ISO27001 certified by KIWA, a copy of the certificate or the statement of applicability can be provided on request.