empower® security and privacy overview
empower® Express security and authentication overview
empower® Express is hosted securely on Microsoft Azure (click here to learn more), and is managed by our development partner, empower® GmbH—a certified Microsoft Partner and the creators of the world’s most widely used PowerPoint content management solution, empower® (learn more here).
Our firm, Right Aligned (more about us here), serves as empower® GmbH’s design and deployment partner, responsible for pre-sales support, implementation, training, and ongoing content library administration for empower® Express clients.
Authentication and Security
User access to empower® Express is governed by the security protocols of Microsoft Entra ID. Before a user can access any part of the empower® Library, they must authenticate via Microsoft’s secure identity framework. The authentication process follows these steps:
- The user provides a Microsoft 365-compliant email address.
- Our admin team adds this email to our Entra ID tenant, which triggers a verification email inviting the user to log in.
- Upon login, the user confirms their credentials via the standard Microsoft sign-in dialogue.
- If multi-factor authentication (MFA) is enabled on the user’s Microsoft account, they are prompted to verify their identity using Microsoft’s two-step process, which includes:
i. Downloading the Microsoft Authenticator app
ii. Verifying via push notification or a verification code sent to their mobile device
- If multi-factor authentication (MFA) is enabled on the user’s Microsoft account, they are prompted to verify their identity using Microsoft’s two-step process, which includes:
- Once authentication is successful, the user is granted read-only access to generic, non-sensitive content provided in our database.
- For new client organizations, we create a dedicated group within Microsoft Entra ID and assign the appropriate users.
- Permissions within empower® Express are managed at the folder level using either Entra ID groups or individual user access. As a best practice, we manage folder access via group assignments.
- We then establish your company’s private folder structure with the following access rights:
- Editable folders accessible only by your authorized users and our admins (for support purposes only):
- A central folder to store complete presentations, slides, and PowerPoint content
- An elements folder for individual slide components
- A template folder for your corporate slide templates
- Read-only folders containing shared, non-confidential resources (e.g. sample charts, tables, icons, flags, maps, etc.)
- Editable folders accessible only by your authorized users and our admins (for support purposes only):
In Summary:
- Your empower® Express environment is logically siloed from other organizations
- Only your authorized users can view or edit your company’s content
- Access permissions can be granted, modified, or revoked at any time via Microsoft Entra ID
- Administrative access is strictly limited to three members of our team and the technical support team at empower® GmbH
We would be happy to arrange a call to address any questions you may have regarding the security model or platform setup.