Architecture and security overview

Overview

Meeting Canary is built on top of Microsoft Office 365 and the Microsoft Graph. For you, that means that your data remains stored, secured and managed in your existing Office 365 tenant. To further ensure that your data is only transferred between your end-users’ devices and your Office 365, Meeting Canary is built as a Application that runs in a browser sandbox on the end-users’ devices and communicates directly with your Office 365 tenant.

The reason for designing Meeting Canary in this way is to make sure you remain in control of your data and to align with your existing security policies.

Identity management

Meeting Canary integrates with our customer’s Azure AD for authentication. This means that you are in full control through your Azure AD with regards to password policies, multi-factor authentication, conditional access policies, which users are allowed to use Meeting Canary, etc.

Meeting Canary also allows guests (persons not members of your organization) to be invited to meetings. Guest users are managed in Azure AD through its guest feature. This means that if you don’t allow guests to be invited into your organization, or you have some partial restrictions on guests, those will apply to the use of Meeting Canary, too.

In addition, except for the permissions required to Join Meetings, Meeting Canary only uses delegated permissions for the Microsoft Graph. This means that Meeting Canary always runs in the context of a signed-in user, and the permissions that user has in your Office 365 tenant. See Meeting Canary Microsoft Graph permissions explained for more details on what permission levels are needed.

This also means that no Meeting Canary employees have access to your data.

Meeting content

During a meeting, Meeting Canary has access to the video/audio streams of the participants, this data is used to create insights and measure meeting effectiveness while the meeting is in progress. The raw video, audio or transcript data is never stored or persisted in our database. Only metadata relating to events such as when people joined and left, when people spoke, turned their camera on or off etc. is stored.

Hosting

Meeting Canary is built on top of Microsoft Office 365 but also has Meeting Canary specific services hosted on Azure.

Data storage

Meeting Canary Azure services are used to maintain a database of object relations for objects such as meetings, participants, etc. specific to Meeting Canary.

Encryption

Data in transit is secure using HTTPS/TLS.

Meeting Canary uses Azure Database for data storage and leverages their respective built-in features for encryption at rest.