SabeeApp has been developed to be cloud based which has lots of positive aspects. All you need is an internet connection, web browser and an active SabeeApp Account. SabeeApp can not be installed on a computer therefore certain functions, services work differently to an old on premise software.
SabeeApp program does not run on a physical server, instead on AWS (Amazon Web Services) cloud infrastructure, which is a SAAS (Software as a Service) platform detailed below.
SabeeApp is using a so-called shared database and code base, or in other word is facilitating a multi-tenant infrastructure. This means that more customers are connected to one database. We are using a shared database and a code base and all of our customers are using this code base or this type of installation. One of the main advantages of this is that every customer is using the most up to date version of the software. Of course this does not mean that due to this structure the security is being compromised at all. We also use different user permissions in SabeeApp and in a shared multi-tenant system a customer can be identified like a different user account.
SabeeApp software is facilitated by the cloud system of AWS (Amazon Web Services) in their amazon data centre in Ireland. All services used by AWS are based on multi-zones so that if one zone is out of order the rest of the system can overtake the whole running.
As it is a cloud based system losing data can occur if the fault or problem is related to the database or the file system where pdf or other documents are stored.
The following protocols, solutions are in place in order to minimize the risk of data loss:
At SabeeApp every incident is solved by following a strict protocol and then documented. This protocol is available for every SabeeApp employee for internal use.
We use the following processes in case of an incident:
Due to the AWS cloud system administration, updating, and security issues of the servers are the responsibility of Amazon engineers. The attacking point is minimized as much as possible due to the big engineering and the security team.
Login credentials to AWS are only given to colleagues for a good reason and they are only allowed to use it with strict security measures ( using strict password and MFA)
With the help of a third party we are regularly doing black and grey box penetration tests in order to identify the system’s vulnerability.
We are also regularly analyzing the code security and quality with the SonarQube tool.
All data traffic is encrypted with at least TLS 1.2 encryption and every data that we store is encrypted.
All passwords stored by SabeeApp are hashed, we never store any password or secretive data as text.
Logging the performance of the internal system is based on multi level.
SabeeApp group are facilitated by the following legal entities:
thePass Kft - Hungary, 1061 Budapest, Király utca 32
SabeeApp LTD - United Kingdom, Hova House, 1 Hova Villas, Brighton and Hove, BN3 3DH