Effortlessly embed business intelligence Dashboards, Looks and Explores from Looker
Effortlessly embed business intelligence Dashboards, Looks and Explores from Looker in monday.com
With Looker Embedded, you can now collaborate in one single place on both Looker BI and your monday.com account and get the big picture of everything.
• Embed Looker Dashboards, Looks and Explores in your board views
• Embed Looker Dashboards, Looks and Explores into your item views
• Embed Looker Dashboards, Looks and Explores to enhance dashboards and workdocs
Security & Compliance
Security
Does the developer periodically perform penetration testing?
Not answered
Does the developer have a dedicated security and privacy point of contact for such issues or questions?
Not answered
Does the app restrict redirects and forwards only to approved destinations, or show a warning when redirecting to potentially untrusted content?
Yes
The app does not redirect anywhere and no forwards are permitted.
Does the app protect against mass parameter assignment attacks?
No
n/a
Does the app perform encoding and sanitization on all user supplied parameters to protect against Cross-Site Scripting?
Yes
Most if not all of our apps use monday.com app settings or board item columns to store data such as URLs for embedding external URLs. As such, we cannot sanitise the data stored in monday.com (even though monday.com will do some of this). We do however ensure that all data is sanitised before accepting it’s use in our apps. An example of this is the URL checking logic: ``` const isUrl = (url) => { try { new URL(url); // trigger catch exception for invalid URLs return true; } catch (e) { return false; } }; ```
Does the developer protect all state-changing actions against Cross-Site Request Forgery (CSRF)?
No
n/a
Does the developer have mechanisms to notify monday.com in case of a security breach?
Yes
Initial notification would be an email to [email protected]. Subsequently we will follow the process described at:https://dsapps.atlassian.net/wiki/spaces/SEC/pages/4800970753
Does this developer have a process for installing application-level updates and security patches for the service (such as software packages and databases)?
Yes
Our security bugfix policies including patching times are published here:https://dsapps.dev/policies/security-bugfix/ In reality, our fix times are much quicker than the published timeframes: Critical severity bugs (CVSS v2 score >= 8, CVSS v3 score >= 9) are normally fixed within 2 weeks High severity bugs (CVSS v2 score >= 6, CVSS v3 score >= 7) are normally fixed within 3 weeks Medium severity bugs (CVSS v2 score >~= 3, CVSS v3 score >= 4) are normally fixed within 4 weeks
Compliance
Is the app certified with the information security standard ISO/IEC 27001:2022?
Not answered
Is the app compliant with the Health Insurance Portability and Accountability Act (HIPAA)?
Not answered
Is the app certified with System and Organization Controls (SOC 2 or SOC 3)?
Not answered
Is the app compliant with the General Data Protection Regulation (GDPR)?
Not answered
Data
Does the app send any data outside of monday.com? If yes, indicate whether the data is customer-submitted (e.g., board names, item names, doc content) or non-customer-submitted (e.g., account ID, board ID, user ID).
Not answered
Where does the app store logs data?
Not answered
Where does the app store the app data?
Not answered
Does the developer ensure application logs do not contain secrets or personally-identifiable information (PII)?
Yes
This app is static HTML, so the only logs collected are access logs (which contain no secrets or PII) and analytics (we ensure that no secrets or PII are sent to analytics).
Is customer data segregated from the data of other customers (for example logically or physically)?
Yes
No customer data is stored by us at all. All data is stored in monday.com settings or storage, so will be segregated by being in separate monday.com instances.
Privacy
Does the developer enforce multi-factor authentication on employees access to systems which may process customer data?
Yes
Multi-factor authentication is enforced for all company systems. All systems require multi-factor authentication using an authenticator app. Do you ensure logs do not contain secrets and PII? Yes
Does the developer protect access to customer data based on the principle of least privilege?
Yes
Only company employees who need the data have access to it. We rely on the principle of least privilege for all systems in our company. It you do not need access, you do not have access. Access is monitored regularly and privileges revoked.
Reviews
No reviews yet.
Installation history
We have data for December 28, 2024 onwards only. Collected sometime after 00:00 UTC daily.
{
"id": 10000107,
"description": "<p><br></p><p><strong>Effortlessly embed business intelligence Dashboards, Looks and Explores from Looker in monday.com</strong></p><p><br></p><p><br></p><p>With <strong>Looker Embedded</strong>, you can now collaborate in one single place on both Looker BI and your monday.com account and get the big picture of everything. </p><p><br></p><p>• Embed Looker Dashboards, Looks and Explores in your board views</p><p>• Embed Looker Dashboards, Looks and Explores into your item views</p><p>• Embed Looker Dashboards, Looks and Explores to enhance dashboards and workdocs</p>",
"short_description": "Effortlessly embed business intelligence Dashboards, Looks and Explores from Looker\n",
"compliance_answers": [
{
"questionId": 1,
"shortAnswer": true,
"detailedAnswer": "No customer data is stored by us at all.\n\nAll data is stored in monday.com settings or storage, so will be segregated by being in separate monday.com instances."
},
{
"questionId": 2,
"shortAnswer": true,
"detailedAnswer": "Our security bugfix policies including patching times are published here:https://dsapps.dev/policies/security-bugfix/ \n\nIn reality, our fix times are much quicker than the published timeframes:\n\nCritical severity bugs (CVSS v2 score >= 8, CVSS v3 score >= 9) are normally fixed within 2 weeks\n\nHigh severity bugs (CVSS v2 score >= 6, CVSS v3 score >= 7) are normally fixed within 3 weeks\n\nMedium severity bugs (CVSS v2 score >~= 3, CVSS v3 score >= 4) are normally fixed within 4 weeks\n"
},
{
"questionId": 3,
"shortAnswer": true,
"detailedAnswer": "Initial notification would be an email to [email protected].\n\nSubsequently we will follow the process described at:https://dsapps.atlassian.net/wiki/spaces/SEC/pages/4800970753\n"
},
{
"questionId": 4,
"shortAnswer": false,
"detailedAnswer": "n/a"
},
{
"questionId": 5,
"shortAnswer": true,
"detailedAnswer": "Most if not all of our apps use monday.com app settings or board item columns to store data such as URLs for embedding external URLs. As such, we cannot sanitise the data stored in monday.com (even though monday.com will do some of this).\n\nWe do however ensure that all data is sanitised before accepting it’s use in our apps.\n\nAn example of this is the URL checking logic:\n\n```\nconst isUrl = (url) => {\n try {\n new URL(url); // trigger catch exception for invalid URLs \n return true;\n } catch (e) {\n return false;\n }\n};\n```"
},
{
"questionId": 6,
"shortAnswer": true,
"detailedAnswer": "Only company employees who need the data have access to it.\n\nWe rely on the principle of least privilege for all systems in our company. It you do not need access, you do not have access. Access is monitored regularly and privileges revoked.\n"
},
{
"questionId": 7,
"shortAnswer": true,
"detailedAnswer": "Multi-factor authentication is enforced for all company systems.\n\nAll systems require multi-factor authentication using an authenticator app.\nDo you ensure logs do not contain secrets and PII?\nYes"
},
{
"questionId": 8,
"shortAnswer": true,
"detailedAnswer": "This app is static HTML, so the only logs collected are access logs (which contain no secrets or PII) and analytics (we ensure that no secrets or PII are sent to analytics)."
},
{
"questionId": 9,
"shortAnswer": false,
"detailedAnswer": "n/a"
},
{
"questionId": 10,
"shortAnswer": true,
"detailedAnswer": "The app does not redirect anywhere and no forwards are permitted."
}
],
"badges_data": {
"pricing_data": "Free plan available",
"acquisition_source": "Existing legacy",
"app_values": [
"Make data-driver decisions"
]
},
"data": {
"google_analytics_tag_id": "G-4BJTWRJGFL"
},
"keywords": " embed,analytics, dashboards,BI",
"thumbnail_url": "https://dapulse-res.cloudinary.com/image/upload/v1661781680/monday-apps-marketplace/Looker%20Embedded/looker-app-card.png",
"logo_url": "https://dapulse-res.cloudinary.com/image/upload/v1661781680/monday-apps-marketplace/Looker%20Embedded/looker-app-icon-blue.png",
"feedback_url": "https://dsapps.atlassian.net/servicedesk/customer/portals",
"privacy_policy_url": "https://dsapps.dev/data-security-privacy/",
"external_pricing_url": null,
"featured": null,
"security": null,
"display_in_template_store": null,
"acquisition_source": "Existing legacy",
"terms_of_service_url": null,
"label": null,
"app_values": [
"Make data-driver decisions"
],
"security_info": null,
"gallery_assets": [
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1661781676/monday-apps-marketplace/Looker%20Embedded/looker-gallery-image-1.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1661781675/monday-apps-marketplace/Looker%20Embedded/looker-gallery-image-2.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1661781674/monday-apps-marketplace/Looker%20Embedded/looker-gallery-image-3.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1661781678/monday-apps-marketplace/Looker%20Embedded/looker-gallery-image-4.png"
}
],
"pricing_data": "Free plan available",
"marketplace_developer_id": 10000034,
"app_id": 10035542,
"marketplace_category_ids": [
10000000,
10,
9
],
"name": "Looker Embedded",
"app_scope_str": "boards:read,me:read,account:read",
"app_client_id": "54f625e0cfc8eeceaa91dee825a8f0fb",
"app_color": {
"hsl": {
"h": 213.33333333333331,
"s": 1,
"l": 0.9299999999999999,
"a": 1
},
"hex": "#dbebff",
"rgb": {
"r": 219,
"g": 235,
"b": 255,
"a": 1
},
"hsv": {
"h": 213.33333333333331,
"s": 0.14,
"v": 1,
"a": 1
},
"oldHue": 213.33333333333331,
"source": "rgb"
},
"created_at": "2022-08-29T14:18:00.385Z",
"updated_at": "2024-11-07T12:47:38.683Z",
"how_to_use_url": "https://dsapps.dev/products/looker-in-monday-dot-com/iframed/",
"automation_app_id": null,
"plans": [
{
"id": "10035542-1-up_to_2",
"appId": 10035542,
"appPlanId": "up_to_2",
"versionId": 1,
"versionState": "live",
"name": "Couples",
"description": "Free for up to 2 team members. This plan comes without support.",
"extraData": {
"bullets": [],
"monthlyFee": 0,
"yearlyFee": 0,
"maxSeats": 2
},
"isTrial": false,
"isRecommended": false,
"isFree": true,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 0,
"yearly": 0,
"maxSeats": 2
}
},
{
"id": "10035542-1-up_to_5",
"appId": 10035542,
"appPlanId": "up_to_5",
"versionId": 1,
"versionState": "live",
"name": "Up to 5 seats",
"description": "Use the app without any limitations for up to 5 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 18,
"yearlyFee": 16.2,
"maxSeats": 5
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 18,
"yearly": 16.2,
"maxSeats": 5
}
},
{
"id": "10035542-1-up_to_20",
"appId": 10035542,
"appPlanId": "up_to_20",
"versionId": 1,
"versionState": "live",
"name": "Up to 20 seats",
"description": "Use the app without any limitations for up to 20 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 60,
"yearlyFee": 54,
"maxSeats": 20
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 60,
"yearly": 54,
"maxSeats": 20
}
},
{
"id": "10035542-1-up_to_100",
"appId": 10035542,
"appPlanId": "up_to_100",
"versionId": 1,
"versionState": "live",
"name": "Up to 100 seats",
"description": "Use the app without any limitations for up to 100 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 180,
"yearlyFee": 162,
"maxSeats": 100
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 180,
"yearly": 162,
"maxSeats": 100
}
},
{
"id": "10035542-1-up_to_200",
"appId": 10035542,
"appPlanId": "up_to_200",
"versionId": 1,
"versionState": "live",
"name": "Up to 200 seats",
"description": "Use the app without any limitations for up to 200 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 300,
"yearlyFee": 270,
"maxSeats": 200
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 300,
"yearly": 270,
"maxSeats": 200
}
},
{
"id": "10035542-1-more_than_200",
"appId": 10035542,
"appPlanId": "more_than_200",
"versionId": 1,
"versionState": "live",
"name": "More than 200 seats",
"description": "Use the app without any limitations for more than 200 team members.",
"extraData": {
"bullets": [],
"monthlyFee": 600,
"yearlyFee": 540,
"maxSeats": 1000000
},
"isTrial": true,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 600,
"yearly": 540,
"maxSeats": 1000000
}
}
],
"featured_for_categories_ids": [],
"pinned_for_categories_ids": [],
"pricing_model": "seat_based",
"app_type": null,
"display": null,
"is_connector": null,
"google_analytics_tag_id": "G-4BJTWRJGFL",
"app_live_version": {
"updated_at": "2024-03-24T08:45:17Z",
"id": 10052471
},
"is_solution": null,
"available_for_tiers": null,
"available_for_products": null
}
