How and what to share about your BreachRisk results with another company.
Privacy controls in BreachRisk are very strict, but do allow companies to safely and securely share details with another company. Details beyond the BreachRisk Score cannot be shared without a company's permission.
There are four levels of access to a company's BreachRisk assessment details. For security reasons, higher levels of access, like Level 3 Technical Details Access and Level 4 Administrator Access should only be granted in cases where the two company's have a well documented and secure relationship with one another, such as with a Managed Service Provider or Managed Security Service Provider.
For most use cases, access to the BreachRisk Score or BreachRisk Report should suffice.
How To Approve A Sharing Request Or Send Details to Another Company
1. Log in to your dashboard.
2 Navigate to the Data Sharing Page
3. If you already have an Inbound Request for your BreachRisk Details from another company, you'll see it in the first table on the page. Before approving the request, ensure that the Access Level they've request makes sense for you relationship. (Do NOT share your Technical Details or Administrator access levels without verifying your relationship to the company making the request.)
If they've requested a greater level of access than your agreement with them, email support@breachbits.com to remove the request.
a. To approve an existing share request, toggle the controller in the Approval column.
The request will show red when approved and will move to the "Active BreachRisk Share Requests" Table.
b. If there are no active requests, you may still invite another company to view your BreachRisk Details, by selecting the "New Sharing Invitation" Button on the "Active BreachRisk Share Requests" Table.
i. Provide the company name and point of contact information for the appropriate person and make sure you're sharing the appropriate access level. Click Submit.
You are now sharing your BreachRisk assessment details with the selected company and they will be able to see that you are sharing in their Manage Portfolio page. If you need to revoke access later, return to this screen and toggle the sharing request to deactivate.