MoreApp is a solution for field services that allows companies to digitise forms and automate workflows. This integration is designed for users who seamlessly want to connect MoreApp’s digital forms with the monday.com dashboard.
1. 🎯 Meet your status quo
All your tasks are in one place with this integration.
Easily check the status of all your tasks in your dashboard or get notified when a status changes. Your life will become a whole lot easier when integrating your MoreApp forms with monday.com.
There is more:
Receive data in real-time and take immediate action
Create new tasks and items for different scenarios
Choose more extensive options like a calendar view and contracts
2. 🚀 Start digitising
A sustainable solution for field service operations.
With MoreApp you limit paper usage, save time and money and optimise your processes. It's a big win for the planet and an even bigger win for you.
3. 🔗 Connect MoreApp with your tools
Automate your workflows and get things done.
The power of MoreApp is connectivity. Integrate with your software and streamline your workflows.
MoreApp prioritises privacy and security above everything else. Our ISO 27001 and ISO 27701 certifications ensure the highest standards of data management.
Does the app restrict redirects and forwards only to approved destinations, or show a warning when redirecting to potentially untrusted content?
Yes
We ensure no "user input" is used to make redirects. We also setup a very strict CSP to only allow loading scripts, images, and styles from our own server.
Does the app protect against mass parameter assignment attacks?
Yes
Our monday-app does not rely on such auto-binding / ORM-layers. We sanitize requests using schema-validation, and make case-specific MongoDB-queries.
Does the app perform encoding and sanitization on all user supplied parameters to protect against Cross-Site Scripting?
Yes
We sanitize all user inputs before performing MongoDB queries. We also apply schema-validation on all requests to our server.
Does the developer protect all state-changing actions against Cross-Site Request Forgery (CSRF)?
Yes
We use your official monday-sdk to grab a sessionToken provided when navigating from your settings page. This sessionToken is passed along to our server on each request, for server-side validation.
Does the developer have mechanisms to notify monday.com in case of a security breach?
Yes
If we notice a customer is affected by a security breach, we notify the customer. If needed, we also notify the AP (Dutch Data Protection Authority) as required by GDPR. If a security specifically hits customers that use our monday-integration, we will notify monday.com as well.
Does this developer have a process for installing application-level updates and security patches for the service (such as software packages and databases)?
Yes
Most critical systems apply auto-upgrading, like our managed GKE cluster (GCP's Kubernetes Engine) and our MongoDB Atlas clusters. We use container-optimized OS-es in our GKE cluster, which are auto-patched on the OS-level. PRs for dependency-patches are done automatically via Renovate (similar to Github's Dependabot).
Compliance
Is the app certified with the information security standard ISO/IEC 27001:2022?
Not answered
Is the app compliant with the Health Insurance Portability and Accountability Act (HIPAA)?
No
HIPAA is very much US-centered. This is not (yet) relevant for us.
Is the app certified with System and Organization Controls (SOC 2 or SOC 3)?
No
We are ISO27001 + ISO27701 certified though. We're thinking of adding SOC2 next year though as this helps to expand in the US where SOC2 is more common than ISO27001.
Is the app compliant with the General Data Protection Regulation (GDPR)?
Yes
We're a Dutch (EU) company, so we have to comply with GDPR by law. Next to that, we are ISO27001 and ISO27701 (Privacy module) certified.
Data
Does the app send any data outside of monday.com? If yes, indicate whether the data is customer-submitted (e.g., board names, item names, doc content) or non-customer-submitted (e.g., account ID, board ID, user ID).
Not answered
Where does the app store logs data?
Not answered
Where does the app store the app data?
Not answered
Does the developer ensure application logs do not contain secrets or personally-identifiable information (PII)?
Yes
We have strict guidelines on what to log, and it's part of our PR review process to be very strict in that: only log what needs to be logged. We make sure we keep user-data out of URLs that are posted to the server, as this would end up in access-logs.
Is customer data segregated from the data of other customers (for example logically or physically)?
Yes
We apply logical separation in our databases and file-storage. Each customer has a unique "customerID" which is passed to all database-queries. MongoDB-collections are indexed by this customerID. For file-storage, we store customer-related files in their own directory (using that customerID). API-calls usually require the CustomerID to retrieve/post data. The API-key needed to make API-calls is also registered with a specific CustomerID.
Privacy
Does the developer enforce multi-factor authentication on employees access to systems which may process customer data?
Yes
Access to our systems processing customer data is only available to the operational Dev-team, using a user-specific login requiring 2FA and a VPN-connection.
Does the developer protect access to customer data based on the principle of least privilege?
Yes
By default, only our operational Dev-team has access to the database(s) with customer data. Administrative / superuser access is only applied to individuals, not using shared accounts.
Reviews
No reviews yet.
Installation history
We have data for December 28, 2024 onwards only. Collected sometime after 00:00 UTC daily.
{
"id": 10000501,
"description": "<p><strong>MoreApp: the field service management tool.</strong></p><p><em>Where planning and execution come together.</em></p><p><br></p><p>MoreApp is a solution for field services that allows companies to digitise forms and automate workflows. This integration is designed for users who seamlessly want to connect MoreApp’s digital forms with the monday.com dashboard.</p><p><br></p><p><strong>1. </strong>🎯 <strong>Meet your status quo</strong></p><p><em>All your tasks are in one place with this integration.</em></p><p><br></p><p>Easily check the status of all your tasks in your dashboard or get notified when a status changes. Your life will become a whole lot easier when integrating your MoreApp forms with monday.com.</p><p><br></p><p><strong><em>There is more:</em></strong></p><ul><li>Receive data in real-time and take immediate action</li><li>Create new tasks and items for different scenarios</li><li>Choose more extensive options like a calendar view and contracts</li></ul><p><br></p><p><strong>2.</strong> 🚀 <strong>Start digitising</strong></p><p><em>A sustainable solution for field service operations.</em></p><p><br></p><p>With MoreApp you limit paper usage, save time and money and optimise your processes. It's a big win for the planet and an even bigger win for you.</p><p><br></p><p><strong>3.</strong> 🔗 <strong>Connect MoreApp with your tools</strong></p><p><em>Automate your workflows and get things done.</em></p><p><br></p><p>The power of MoreApp is connectivity. Integrate with your software and streamline your workflows.</p><p><br></p><p>MoreApp prioritises privacy and security above everything else. Our ISO 27001 and ISO 27701 certifications ensure the highest standards of data management.</p><p><br></p><p>For more details check out our <a href=\"https://docs.moreapp.com/docs/developer-docs/ZG9jOjQ2NDA2-introduction\" rel=\"noopener noreferrer\" target=\"_blank\">Developer Docs</a> or visit our <a href=\"https://help.moreapp.com/en/support/home\" rel=\"noopener noreferrer\" target=\"_blank\">Help Center</a>.</p>",
"short_description": "Your MoreApp tasks on monday.com",
"compliance_answers": [
{
"questionId": 1,
"shortAnswer": true,
"detailedAnswer": "We apply logical separation in our databases and file-storage. Each customer has a unique \"customerID\" which is passed to all database-queries. MongoDB-collections are indexed by this customerID. For file-storage, we store customer-related files in their own directory (using that customerID).\nAPI-calls usually require the CustomerID to retrieve/post data. The API-key needed to make API-calls is also registered with a specific CustomerID."
},
{
"questionId": 2,
"shortAnswer": true,
"detailedAnswer": "Most critical systems apply auto-upgrading, like our managed GKE cluster (GCP's Kubernetes Engine) and our MongoDB Atlas clusters.\nWe use container-optimized OS-es in our GKE cluster, which are auto-patched on the OS-level.\nPRs for dependency-patches are done automatically via Renovate (similar to Github's Dependabot)."
},
{
"questionId": 3,
"shortAnswer": true,
"detailedAnswer": "If we notice a customer is affected by a security breach, we notify the customer. If needed, we also notify the AP (Dutch Data Protection Authority) as required by GDPR.\nIf a security specifically hits customers that use our monday-integration, we will notify monday.com as well."
},
{
"questionId": 4,
"shortAnswer": true,
"detailedAnswer": "We use your official monday-sdk to grab a sessionToken provided when navigating from your settings page.\nThis sessionToken is passed along to our server on each request, for server-side validation."
},
{
"questionId": 5,
"shortAnswer": true,
"detailedAnswer": "We sanitize all user inputs before performing MongoDB queries. We also apply schema-validation on all requests to our server."
},
{
"questionId": 6,
"shortAnswer": true,
"detailedAnswer": "By default, only our operational Dev-team has access to the database(s) with customer data.\nAdministrative / superuser access is only applied to individuals, not using shared accounts."
},
{
"questionId": 7,
"shortAnswer": true,
"detailedAnswer": "Access to our systems processing customer data is only available to the operational Dev-team, using a user-specific login requiring 2FA and a VPN-connection."
},
{
"questionId": 8,
"shortAnswer": true,
"detailedAnswer": "We have strict guidelines on what to log, and it's part of our PR review process to be very strict in that: only log what needs to be logged.\nWe make sure we keep user-data out of URLs that are posted to the server, as this would end up in access-logs."
},
{
"questionId": 9,
"shortAnswer": true,
"detailedAnswer": "Our monday-app does not rely on such auto-binding / ORM-layers. We sanitize requests using schema-validation, and make case-specific MongoDB-queries."
},
{
"questionId": 10,
"shortAnswer": true,
"detailedAnswer": "We ensure no \"user input\" is used to make redirects.\nWe also setup a very strict CSP to only allow loading scripts, images, and styles from our own server."
},
{
"questionId": 11,
"shortAnswer": true,
"detailedAnswer": "We're a Dutch (EU) company, so we have to comply with GDPR by law. Next to that, we are ISO27001 and ISO27701 (Privacy module) certified."
},
{
"questionId": 12,
"shortAnswer": false,
"detailedAnswer": "We are ISO27001 + ISO27701 certified though. We're thinking of adding SOC2 next year though as this helps to expand in the US where SOC2 is more common than ISO27001."
},
{
"questionId": 13,
"shortAnswer": false,
"detailedAnswer": "HIPAA is very much US-centered. This is not (yet) relevant for us."
},
{
"questionId": 14,
"shortAnswer": true,
"detailedAnswer": "[email protected]"
},
{
"questionId": 15,
"shortAnswer": true,
"detailedAnswer": "Periodic pen-test is required by the ISO27001 norm. We've set our interval to \"at least once a year\"."
}
],
"badges_data": {
"pricing_data": "Free",
"acquisition_source": "No touch",
"app_values": [
"Centralize your work on monday.com"
]
},
"data": {
"terms_of_service_url": "https://moreapp.com/assets/MoreApp-LA-EULA-DPA.pdf",
"is_connector": true
},
"keywords": "moreapp,\norder app,\ninspection checklist app,\ndigital form,\nwork order app,\nmobile forms app,\ndigital forms,\ninspection app,\nmaintenance log app,\ndigital checklist",
"thumbnail_url": "https://dapulse-res.cloudinary.com/image/upload/v1718289265/monday-apps-marketplace/MoreApp%20Forms/Appcard_2_1.png",
"logo_url": "https://dapulse-res.cloudinary.com/image/upload/v1718289265/monday-apps-marketplace/MoreApp%20Forms/Monday_MoreApp_Icon.png",
"feedback_url": "https://help.moreapp.com/en/support/tickets/new",
"privacy_policy_url": "https://moreapp.com/en/privacy/",
"external_pricing_url": null,
"featured": null,
"security": null,
"display_in_template_store": null,
"acquisition_source": "No touch",
"terms_of_service_url": "https://moreapp.com/assets/MoreApp-LA-EULA-DPA.pdf",
"label": null,
"app_values": [
"Centralize your work on monday.com"
],
"security_info": null,
"gallery_assets": [
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1718289274/monday-apps-marketplace/MoreApp%20Forms/App_gallery_image_1.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1718289274/monday-apps-marketplace/MoreApp%20Forms/App_gallery_image_2.png"
},
{
"url": "https://dapulse-res.cloudinary.com/image/upload/v1718289274/monday-apps-marketplace/MoreApp%20Forms/App_gallery_image_3.png"
}
],
"pricing_data": "Free",
"marketplace_developer_id": 10000215,
"app_id": 10099770,
"marketplace_category_ids": [
9,
7,
6
],
"name": "MoreApp Forms",
"app_scope_str": "boards:write,boards:read,me:read",
"app_client_id": "72925aaa7a9933d0d5de766c2c4f784c",
"app_color": {
"hsl": {
"h": 212.66666666666666,
"s": 0.517241379310345,
"l": 0.3411764705882353,
"a": 1
},
"hex": "#2a5384",
"rgb": {
"r": 42,
"g": 83,
"b": 132,
"a": 1
},
"hsv": {
"h": 212.66666666666666,
"s": 0.6818181818181819,
"v": 0.5176470588235295,
"a": 1
},
"oldHue": 199.99999999999997,
"source": "hex"
},
"created_at": "2024-06-13T14:34:57.335Z",
"updated_at": "2024-07-21T06:31:46.962Z",
"how_to_use_url": "https://help.moreapp.com/en/support/solutions/articles/13000105009-how-to-integrate-via-monday-com-moreapp",
"automation_app_id": null,
"plans": null,
"featured_for_categories_ids": [],
"pinned_for_categories_ids": [],
"pricing_model": null,
"app_type": "app",
"display": null,
"is_connector": true,
"google_analytics_tag_id": null,
"app_live_version": {
"updated_at": "2024-05-16T07:53:18Z",
"id": 10244382
},
"is_solution": null,
"available_for_tiers": null,
"available_for_products": null
}
