Simplify and shorten the Google OAuth verification and security assessment through the Nylas dashboard.
In 2020, we announced the Express Security Review, the only program of its kind that simplifies the Google OAuth verification and security assessment process. Through partnerships with Google certified, third-party security firms, we set out to make this complex verification process as simple as possible. Today, we are excited to announce that we have made this workflow even easier by automating the Express Security Review process through the Nylas dashboard.
Starting the Nylas Express Security Review
Going forward, most of the assessment steps are handled through the Nylas dashboard and with direct communication with the Nylas Customer Success team. There are three main stages in the Nylas Express Security Review process: the Qualifier and Purchase Assessment, Google Verification Wizard, and the Security Assessment. To begin the security review process, there are a couple of prerequisites:
In your Nylas Dashboard, add the Google Project ID that needs verification.
Ensure your Google application’s OAuth Client ID and Client Secret are added to your Nylas Dashboard under “App Settings” in the “Google OAuth” tab.
You are ready to begin the assessment. Click on “Express Security Review” to start the assessment.
Qualifier and Purchase Assessment
The first portion consists of two steps and should be completed by someone on your team who understands how your platform uses the Nylas APIs and knows your billing and payment information.The Qualifier section determines the kind of Google Oauth verification/assessment your platform needs. In this step, select your Google Project number as well as the Nylas APIs you use (email, calendar, or contacts), and indicate how you use the selected APIs. Depending on your answer, you are redirected to one of two different paths:
Purchase Assessment – You proceed to this step if your application requires a third-party security assessment.
Google Verification Wizard – You proceed to this step if your application does not require a third-party security assessment and only requires Google Verification.
The Purchase Assessment step uses your answers to estimate the final security assessment costs. As stated above, there are two outcomes within this step.
Your application is eligible for the standard Security Assessment cost.
Your application needs a custom quote from a third-party security assessor.
Based on the dashboard questionnaire responses, a Nylas representative will reach out within five business days to coordinate between you and the third-party security firm to produce the exact quote.
Google Verification Wizard
Once the verification process has been completed, the Nylas team then sets up a streamlined assessment with one of Google’s approved security firms. At this stage, you’ll need someone from your team who can answer product questions and technical questions while remediating any found security issues/concerns. After you submit the responses, a Nylas Customer Success manager will reach out in two business days if there are any additional questions. This step also streamlines the sharing of general information with the third-party security firm, including: company name, project points of contact information, preferred communication methods, previous security test reports, and incidents so that testing can get underway quickly.
Here’s a visual overview of the process from start to finish:
Announcing Data Residency: US, EU, Australian and Canadian Data Centers
Nylas’ Response to the Log4j Vulnerability
Nylas Provides Enterprise-Grade Reliability Amidst Google’s People API Migration
Dominic is a Product Marketing Manager at Nylas. In his spare time, he loves to hike and go to the beach with his dog.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!