Blog and News

LiveAgent passed Google’s security audit

Sona Pisova

Sona Pisova

Last modified on October 29, 2020 at 12:43 pm

security audit

Completing Google’s security audit

In October 2019 Google announced that it was taking extra security measures for apps built on top of the Gmail API. All software vendors who use a “restricted” or “sensitive” Gmail API scope would be subject to a third-party security audit which would cost them anywhere between $15,000 – $75,000. It seems Google implemented these security audits as a direct result of its $56 million dollar fine from the EU’s regulatory bodies for violating GDPR policies. As a result, Google shifted security responsibilities to developers.

What did the audit entail?

The audit entailed a limited penetration test and document review of the LiveAgent application. The third-party security auditors (Leviathan) assessed the application, supporting infrastructure and our staff’s answers in a self-assessment questionnaire. Leviathan verified the application’s use of the following restricted Google API scope:

  • https://mail.google.com/ (includes any usage of REST, IMAP, SMTP, and POP3 protocols)
two people standing under security cameras

Why did we do the audit?

LiveAgent had to pass the Google Cloud Platform OAuth API Verification audit because our users utilize Gmail/Gsuite accounts. If LiveAgent users logged into our app and it wasn’t considered ‘safe’ by Google, Google would disconnect our user’s Gmail/Gsuite from their Liveagent dashboard. In this sense, our users wouldn’t be receiving emails into their LiveAgent dashboard, and that would defeat the purpose of having a universal inbox.

When did we do the audit?

LiveAgent completed the audit in December 2019 and received passing results on January 7th, 2020.

What were the results of the audit?

The results of the audit were great, we passed! According to our received report, [Leviathan] “confirms that the testing of the LiveAgent application and supporting infrastructure has been completed and that all issues with a Critical or High-risk finding have been remediated.”

Sona Pisova

Sona Pisova

Copywriter/ Star of Tutorials

I am currently writing copy and making videos at LiveAgent in Bratislava. I am a happy-go-lucky type of gal that enjoys reorganizing and cleaning in an obsessive manner. I roll my eyes a lot without knowing about it and it gets me in trouble. I also don't drink coffee because it makes me feel like I'll die, and my co-workers think it's funny.

Our website uses cookies. By continuing we assume your permission to deploy cookies as detailed in our privacy and cookies policy.