Security FAQ

Can I export my data?

Yes, you can export your data by navigating to Settings > Login & Security.

Export your Missive data settings user interface

Here's what you can expect from each export category:

Comments: This contains all comments from all organization and private conversations that you have access to. It excludes and any conversations that have been moved to the trash. Each organization's comments will be provided in a separate .csv file.
Contacts: This includes all contacts from every contact book that you have access to. Each contact book's data will be provided in a separate .csv file.
Conversations: This includes all data (such as messages (emails, SMS, etc.), comments, assignments, etc.) from all organization and private conversations that you have access to. It excludes any conversations that have been moved to the trash. Each organization's conversation data will be provided in a separate .json file.
Email addresses: This contains all the 'From', 'To', and 'Cc' fields in all emails you have access to, excluding those in the trash or marked as spam. All this data will be provided in a single .csv file.
Phone: This includes all the 'From' and 'To' fields in all SMS messages you have access to, excluding those in the trash or marked as spam. All this data will be provided in a single .csv file.
Responses: This contains all responses you have access to. There will be separate exports for each team, the entire organization (for responses shared organization-wide), and personal responses. All these exports will be in .html format and will include attachments separately.
Rules: This includes all rules you have access to. There will be a separate .csv file for each organization and for your personal rules.

Can you read my emails?

Technically speaking, it would be false to claim we cannot read your emails. Missive imports your emails via IMAP like any email app does and stores them in a database. This includes text content and attachments. Storing this data in our own database is the technical foundation of a collaborative product like Missive. Thus, we naturally have access to the database that contains your emails in order to manage and maintain it in good shape for Missive to operate properly. This is the same situation as with your main email provider (Gmail, Office 365, etc).

That said, only a few of our engineers have access to the database in question. Even for these people, getting to your actual email content is not trivial. We built internal tools that allow our engineers to do their daily job (e.g. see what is going on in the system, the number of emails processed, etc.), but none of these tools display email contents. Needless to say, we are not in the business of scanning, sharing, or selling any of our users’ data. We never access a user’s data unless this user has specifically granted us permission and asked us to investigate a bug with their account, for instance.

You can read our Privacy Policy here. We take the privacy and security of your data very seriously.

Do you support 2-factor Authentication (2FA)?

Yes, users connecting to Missive with an email and password can enable 2FA from their Login & Security settings.

For users connecting to Missive with Google, here's how to enable 2FA.

How do I enable two-factor authentication (2FA)?

Enabling two-factor authentication (2FA) to your Missive account will add an extra layer of protection to your data.

For users connecting via OAuth, please read this tutorial for people who sign in with Google or this other for people who sign in with Apple.

To activate 2FA on your regular Missive account, you will need to get an authentication app such as Authy or Google Authenticator.

Once you have downloaded one of the apps, please follow these steps:

Go to Settings > Login & Security.
Enter your account password
Click on Enable two-factor authentication
With the previously downloaded authentication app, scan the QR code
Enter the 6-code digit in Missive.

Screenshot of Missive's two-factor authentication QR code

What does 2FA mean next to my user name in my user's settings?

The 2FA badge displayed in the user list for organization admins shows who enabled 2-factor authentification.

How can I change my password?

If you are logged out of the app, click on the "Forget my password" link on the login page, then enter your login email on our password reset page. You will receive an email containing instructions to reset the password for your account.

Image showing where to reset your password

If you are still logged in, go to Settings > Login & Security to change your password.

Why do I need to confirm my password in the settings?

This is only if you need to update your login credentials such as your email, password or OAuth provider. You can update any other settings without entering your password.

That is meant as a security step to make sure no one but the owner of this account can change the login information.

Do you offer a bounty program?

We do encourage responsible disclosure of security issues related to Missive. Read more about our bounty program here.

What is your uptime/downtime track record? (SLA)

In 2020, we achieved 99.95% uptime.

In 2021, we achieved 99.92% uptime.

Here's a breakdown per quarter:

2021 Q1 - 100%
2021 Q2 - 99.98% (maintenance)
2021 Q3 - 100%
2021 Q4 - 99.68%

In 2022, we achieved 99.96% uptime:

2022 Q1 - 99.92%
2022 Q2 - 99.96%
2022 Q3 - 99.95%
2022 Q4 - 99.99%

In 2023, we achieved 99.97% uptime:

2023 Q1 - 99.95% (maintenance)
2023 Q2 - 99.95%
2023 Q3 - 99.99% (maintenance)
2023 Q4 - 99.999% (maintenance)
All maintenances happened during US Eastern nighttime.

As a reference, see here what 99.95% uptime represents on various basis (monthly, quarterly, etc): https://uptime.is/99.95

What happens when a user is removed from an organization?

Removing a user from an organization involves several steps and can have different implications. Here's what you need to know:

Accesses to shared conversations

The removed user will lose access to all shared conversations (those with the colored organization flag on the left). This is a background process that can take from a few minutes to several hours to complete.

If shared conversations contain emails from the user’s personal email account, these emails will be removed from the shared conversations but will remain available to the removed user in new private conversations.

Comments/Chat

Removed user comments are kept in shared conversations for remaining users to see.

Assigned conversations

Missive will do everything needed to ensure that the removed user assigned conversations won’t fall into a crack:

Conversations assigned to the user that are closed will remain closed but the user will be unassigned so that if a newer message comes in, the conversation will be moved back to the team inbox.
Conversations assigned to the user that are still open will immediately be moved back to the team inbox upon removing the user.

Given that second point, something to consider is if you believe the user in question was not keeping their Inbox and Tasks view clean, meaning they did not archive / close conversations even when they were done handling it, you don’t want a large influx of their old assigned conversations to fill up your team inbox.

To avoid that, something you can do before removing users (or on a regular basis) is to check your organization Tasks view (located in the + Pin to sidebar menu if you never opened it) and close old tasks your coworkers did not close.

Can I get a list of all IP addresses used by Missive's servers?

The servers Missive uses to connect to IMAP servers are hosted on Amazon Web Services (AWS). There are multiple IP addresses active at once and these may change several times a day.

If you need a list of IP address ranges to whitelist on your server, you can use the following file provided by AWS:

https://ip-ranges.amazonaws.com/ip-ranges.json

Although this may change in the future, all our servers currently originate from the US East 1 (N. Virginia) region, so you can filter the file and select only the IP ranges with "region": "us-east-1".

Note that this file may change regularly; you must synchronize the whitelist on your IMAP server accordingly. You can read more on the expected usage of this file.

Are you having a service outage?

If we are experiencing issues with the service, we will post a message on our status page.

How to install Missive if you don't have admin permissions on your computer?

For the auto-update to work for users without admin privilege, Missive needs to be downloaded and moved to the user’s personal Applications folders (eg. /Users/frodo/Applications) whereas most apps are normally installed in /Applications.

If Missive hasn’t already been installed, jump to step 2.

1) From the admin account, completely uninstall Missive and its related files. To do that, we recommend using AppCleaner.

2) From the user account, download the latest Missive version and open the .dmg file.

Do not move the app in the Applications shortcut provided. Instead, open another Finder window and go to the user's Home folder (⌘ + Shift + H) and drag Missive into the Applications folder. That folder doesn't require admin rights. If you're prompted with an admin/password dialog, you're most likely not dragging the app in the right directory.

Move Missive to the non-admin user personal Applications

3) Open Missive from there, pin in to your Dock and you’re ready to collaborate! 😎

Why is AVG detecting images as threats?

AVG routinely flags regular images as threats, even on images hosted by Gmail. You can fill up this form to help improve their algorithm.

PreviousIP restriction NextRoles

Last updated 1 day ago

Good night