Security by Design: How the Widget Builder Meets Compliance Requirements

“IT Compliance Has Concerns” – Now What?
This sentence stops intranet projects more reliably than any technical hurdle. Editorial teams want to add a new widget and end up in weeks-long approval loops. Security review, data protection assessment, architecture evaluation. By the time approval comes through, the occasion has often passed.
The real problem goes deeper: many widget solutions are a black box for IT departments. Unclear where data flows. Unclear who has access. Unclear what happens during an update. No wonder compliance officers react with scepticism.
Security as an Architectural Principle, Not an Afterthought
The Widget Builder for Staffbase takes a different approach: security isn’t a feature bolted on after the fact – it’s part of the core architecture. Three principles are at its heart:
1. No Data Leaves Your Infrastructure
Widgets act as a pure display layer. They read from existing data sources (Microsoft 365, internal databases, other source systems) and render the result in the user's session, without transferring information to servers operated by the widget vendor. There is no intermediate storage with third parties and no copy of your data outside the systems you already operate or have under contract.
For GDPR assessments this means: the widget layer introduces no new processor. The data processing agreements and third-country transfer assessments that already cover the source systems and the Staffbase platform continue to apply; no additional ones are needed for the widget layer.
2. Permissions Are Inherited, Not Duplicated
The Widget Builder inherits permissions directly from Staffbase. Anyone who can't see certain content on the platform won't see it in the widget either. No separate access management is required.
This removes a common source of authorisation bugs: a second set of access lists that drifts out of sync with the platform, so that access revoked on the platform quietly survives in the widget.
3. Least Privilege for API Access
Each widget receives access only to the data fields it actually needs. A widget for shift schedules sees only shift data: not salaries, not contract details, not personnel files. Even if a widget is manipulated, it can obtain no more than the configured minimum. This containment depends on the restriction being enforced where the widget cannot change it, in the API the widget calls rather than in the widget's own code; a limit applied only client-side would be removed along with the rest of a tampered widget.
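To make principles 2 and 3 concrete, here is an added example of a server-side gate that applies both: it checks the platform's own permission model before returning any record, restricts each widget to a configured field allowlist, fails the whole call when a widget asks for anything outside that allowlist, and logs every call. This is illustrative code written for this article, not code from the Widget Builder or from Staffbase; the widget names, records, users, groups and the in-memory audit log are all constructed for the example.

```python
"""Added example, not code from the Widget Builder or Staffbase: a server-side
gate combining inherited platform permissions with a per-widget field allowlist.
Every name, record and configuration value below is constructed for illustration."""
from typing import Any

# Constructed per-widget field allowlist, owned by IT. The widget itself never
# holds this list, so tampering with the widget cannot widen it.
WIDGET_SCOPES: dict[str, frozenset[str]] = {
    "shift-schedule": frozenset({"employee_id", "shift_start", "shift_end", "location"}),
}

# Constructed source-system records. Sensitive fields sit next to shift data on
# purpose, to show that the gate, not the data layout, keeps them out of reach.
HR_RECORDS: list[dict[str, Any]] = [
    {"employee_id": "e1", "shift_start": "06:00", "shift_end": "14:00",
     "location": "Plant A", "salary": 52000, "contract": "permanent"},
    {"employee_id": "e2", "shift_start": "14:00", "shift_end": "22:00",
     "location": "Plant A", "salary": 61000, "contract": "fixed-term"},
    {"employee_id": "e3", "shift_start": "22:00", "shift_end": "06:00",
     "location": "Plant B", "salary": 48000, "contract": "permanent"},
]

# Constructed stand-in for the platform's permission model. The gate reads it
# at request time and keeps no copy, so there is no second list to drift.
USER_GROUPS: dict[str, frozenset[str]] = {
    "alice": frozenset({"ops"}),
    "bob": frozenset({"finance"}),
}
RECORD_VISIBILITY: dict[str, frozenset[str]] = {
    "e1": frozenset({"ops"}),
    "e2": frozenset({"ops", "finance"}),
    "e3": frozenset({"finance"}),
}

# Constructed in-memory audit log; a real deployment would ship these entries
# to the platform's log store.
AUDIT_LOG: list[dict[str, Any]] = []


class ScopeViolation(Exception):
    """Raised when a widget asks for fields outside its configured scope."""


def platform_allows(user: str, record: dict[str, Any]) -> bool:
    """Inherited permission check: a user sees a record only if one of their
    platform groups may see it. Unknown users and unknown records get nothing."""
    groups = USER_GROUPS.get(user, frozenset())
    allowed = RECORD_VISIBILITY.get(record["employee_id"], frozenset())
    return bool(groups & allowed)


def fetch_for_widget(widget_id: str, user: str,
                     requested_fields: list[str]) -> list[dict[str, Any]]:
    """Serve one widget request.

    Out-of-scope fields fail the whole call (fail closed) rather than being
    silently dropped, so a manipulated widget produces a denied audit entry
    instead of a partial result. Every call is logged, allowed or not."""
    scope = WIDGET_SCOPES.get(widget_id)
    requested = set(requested_fields)
    entry = {"widget": widget_id, "user": user, "fields": sorted(requested)}

    if scope is None:
        AUDIT_LOG.append({**entry, "outcome": "denied", "reason": "unknown widget"})
        raise ScopeViolation(f"unknown widget {widget_id!r}")

    over = requested - scope
    if over:
        AUDIT_LOG.append({**entry, "outcome": "denied",
                          "reason": f"out of scope: {sorted(over)}"})
        raise ScopeViolation(sorted(over))

    # Platform permission first (which records), then field scope (which columns).
    rows = [{f: r[f] for f in sorted(requested) if f in r}
            for r in HR_RECORDS if platform_allows(user, r)]
    AUDIT_LOG.append({**entry, "outcome": "allowed", "records": len(rows)})
    return rows


if __name__ == "__main__":
    # alice (ops) sees e1 and e2, and only the fields the widget may request.
    print(fetch_for_widget("shift-schedule", "alice", ["employee_id", "shift_start"]))
    # A tampered widget asking for salary is refused outright and leaves a trace.
    try:
        fetch_for_widget("shift-schedule", "alice", ["employee_id", "salary"])
    except ScopeViolation as exc:
        print("denied:", exc)
    print(AUDIT_LOG[-1])
```

The design choice worth noting is the fail-closed behaviour: silently stripping the extra field would hide the manipulation attempt from the audit log, whereas refusing the call makes it visible as a denied entry that a reviewer can search for.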
What Compliance Officers Need to Know
This architecture was designed for audit scenarios:
- Traceable data flows: every API endpoint a widget can call is documented, so an auditor can enumerate the connections in advance. No hidden connections, no undocumented data streams.
- Complete access logs: All widget calls are logged and available for internal audits and external reviews.
- Clear responsibilities: Security parameters are owned by IT, content design by the editorial team. Cleanly separated and fully traceable.
For organisations with ISO 27001 certification or industry-specific regulations, this is a decisive advantage: security documentation can be integrated directly into existing audit processes.
Next Step
Want to know how the Widget Builder fits into your security architecture? We’ll show you the technical architecture in a short demo: data flows, the permissions model, and audit logging.