Rocket.Chat is secure by design. This document provides an overview of key security options to help you configure your workspace according to your data privacy requirements. Each section explains configuration details so you can safeguard your communications.
Authentication
Configure password policies and two-factor authentication (2FA/MFA). To simplify identity management, enable secure single sign-on (SSO) with providers such as SAML, LDAP, OAuth, or OpenID.
End-to-end encryption
Enable end-to-end encryption (E2EE) to add an extra layer of security. This feature ensures that sensitive information is accessible only to authorized users.
ABAC
Configure Attribute-Based Access Control (ABAC) to define granular access policies based on attributes that align with your organization's security requirements.
FIPS Compliance
Secure your workspace with FIPS 140-3 compliance to ensure your cryptographic modules strictly align with Federal Information Processing Standards.
Devices and rate limiting
Manage devices that access your workspace remotely. Use rate limiter settings to control the number of requests your workspace can handle.
Secure push notifications and data sharing
Configure mobile push notifications and adjust privacy settings. To prevent data leaks, install the Data Loss Prevention (DLP) app, which restricts the sharing of sensitive information in channels.
Use Rocket.Chat’s role-based access control (RBAC) system to manage permissions across workspace features. For details, see the Roles in Rocket.Chat guide.