How Do Blackbaud Marketplace Apps Use My Data? 8723

How Do Blackbaud Marketplace Apps Use My Data?

Published

Have you gotten a recommendation or discovered for yourself that there’s a Blackbaud Marketplace app that’ll precisely solve a challenge you’re facing today? While “shopping” for an app is easier with the Marketplace, deciding to connect and use the app often means getting answers to security questions like “how will this app use our constituent data?” and if it stores any of your data for handling “where will my data be stored?”

To help you find answers to vital security-related questions quickly and easily, we’re introducing two new features today – Scopes and Publisher Attestations. Both are targeted towards helping you, and your IT people, feel confident in a decision to use an application based on a clear understanding of its security and data handling postures.

How do you find the new Scopes and Publisher Attestations?

When you are logged in with Blackbaud ID and navigate to a Marketplace listing (for example, see the listing by Red Arc for Letter Box) , you will now see a Security tab that explains the access to your Blackbaud data that the application needs (Scopes) and the publisher’s security statement (Attestation).

Next, let’s dive into more details about these features and how they work.

Attestations

An attestation is a formal statement by the app publisher verifying security settings for their Marketplace application. In this case, the application publisher answers key questions about the security, compliance, and data handling practices of their application and their organization. Share these details with your IT resource or department to help them decide if the application you have selected for its value added features is also a good fit for your organization’s security standards.

Note: If the application publisher hasn’t posted an Attestation yet or doesn't provide enough details for your review, we encourage you to use the Contact us feature to ask them about their attestation answers.

ddf721e07edd679c29585f1526893a83-huge-im

Scopes

When you connect a new application, the connect screen will now inform you about the level of access to your Blackbaud data that the application requests.

04c6b376c111d193cf1ad1811d1e100c-huge-im

When you connect, the application data access is now limited based on:

  • scopes, or types of access, an environment admin approves in the Marketplace, and

  • the user permissions of the person who authorizes the app by entering their Blackbaud credentials (also known as the consenting user).

What are the possible types of access to my Blackbaud data?

For each product in your Blackbaud environment, the application can request to:

  • Read – enables the application to see data via SKY API calls that the consenting user can see in the solution, but not make any changes.

  • Write – enables the application to change data via SKY API calls that the consenting user can change in the solution, but not delete.

  • Delete – enables the application remove data via SKY API calls that the consent user can remove in the solution.

  • Subscribe to events – enables the application to receive event notifications via webhooks when data changes in the application, but not change or delete anything. A webhook is a way for an application to listen for changes that happen in the solution.

How do scopes work in the context of a consenting user?

We recommend you review our data access examples and diagrams to better understand how it works. 731184c35c0745b105bb338fc0f1410e-huge-im

In general, an application can only do the following:

  • Whatever the consenting user can do, an app can also do via SKY API.

  • Whatever the consenting user cannot do, an app also cannot do via SKY API.

However, if the level of access defined in Scopes is further restricted to less than a consenting user can do, than it can only do what it defined and no more.

What happens when a publisher wants to change the application’s level of access?

Once you approve an application's access, the publisher cannot change the scope of access without getting explicit re-approval by your environment admin. This gives you more control over how applications can view and change your data over time. Scopes are also per product, so you can decide the level of access for each Blackbaud solution your organization uses.

Environment admins can review which apps want a change in access to your data under Scopes updates on the Manage page in the Blackbaud Marketplace.

e7eaf9ea539b3db9e0f81ddd18e46aac-huge-im

Recent updates

If you haven’t visited the Blackbaud Marketplace in a little while, here’s a snapshot of recent improvements we’ve made!

  • App collections – Collections are a way to sort through the Marketplace applications by key features, such as recently added, most popular, By Blackbaud, and more. When you select a collection, you then sort the list alphabetically or by popularity. By default, we only show a portion of the collection on the home page so that it’s easier to navigate. However, we’ve also added a new link that enables you to View all. Select this when you want to dig in more thoroughly to a collection.

  • Categories – We’ve recently begun adding categories to the Marketplace. Categories are a way to filter available apps by their function or service provided. We’re starting with three categories: Document management, Integration platforms, and Volunteer management. However, we’ll continue to add new categories over time.

  • Search – We moved the search to the top of the page, so it’s more easily accessible when you know what you’re looking for or when you want to search by keyword.

  • Copy link – On the details page for an application, we added a new Copy link that enables you to copy a direct link to the application. This makes it easy for you to share apps you are interested in with those in your organization

  • Blackbaud solutions – You can still filter the available list of Marketplace applications by ones that are compatible with your solution. The solutions filter also works with the collections. Using both together will help you narrow down your results.

What’s coming next?

Speaking of making the Marketplace more enticing to explore, while we have many new features in the works, we can spill the beans on one we’re pretty darn excited about… Reviews! We know that when it comes to evaluating applications there’s no one you trust more outside of your organization than your peers in the social good space. We wanted to provide a way for customers who’ve connected and used an application to provide feedback on how that experience went for them. And, we’ll provide a way for application publishers to respond publicly to that feedback.

More coming soon, so we hope you’ll bookmark and visit the Blackbaud Marketplace often to see the new apps that are added regularly and the new ways we’re making the experience better for you and your organization.

News Blackbaud Higher Education Solutions™ Announcements 11/10/2022 10:26am EST
Added by Derek Nichols
  

Leave a Comment

Check back soon!

Share: