At the center of our business is the trust of the customers. Security is one of the top priorities, so our GPS tracking services, fleet management systems, and related data storage solutions are all designed to protect our users’ data and to introduce the highest level of security.
Some of the major security practices at Safee
In-Transit and At-Rest Encryption
All our customers’ data are protected in transit and at rest. In transit, all the services are introduced and can be accessed via TLS/256 Bit SSL connections, as the same protection level of banking, electronic commerce, and financial services. At rest, we employ RSA 2048 to secure the information and encrypt the stored data. All accounts’ passwords are hashed and all login pages are secured with brute force protections.
Safee applies the most advanced techniques of intrusion detection and attack monitoring, harnessing the power of firewalling in both levels, web application level, and network level. Additionally, we provide our platform with multiple DDoS defenses to make the customers benefit from our services securely and without any interruption.
Best Development Practices
Safee development team ensures that all coding and new features developing activities go through all security and functionality tests and analyses on staging procedures before being added to the final product, to ensure that our customers’ accounts be highly secure and isolated.
Your data are stored by Microsoft Azure Cloud and Google Cloud Platform which apply the most advanced physical security controls. Microsoft and Google datacenters which we use to host our cloud services and to store our customers’ data are located both in the European Union and in the United States.
Safee protects its product infrastructure against potential security threats by applying a well-designed and strictly controlled access model. Employees are granted access to the service environments based on their role in the company on an RBAC Role-Based Access Controls basis.
Bug Bounty Program
We run a bug bounty program on regular basis to give an opportunity for the researchers and security experts to provide us with reports about the vulnerabilities they see in our services. So, we can address any emerging issue earlier and be able to provide our customers with the best and most secure experience ever.
Safee services are hosted by Microsoft Azure and Google Cloud Platform which are both SOC 2 II and ISO 27K certified cloud services providers. Some of the applied physical security protections at our datacenters are: video surveillance, biometric scanners, highly skilled security guards, and sophisticated access controls.
We apply standardized incident response procedures, and our development team has constructed robust structures of system logging, data sources investigating, and security incident processing, to guarantee that only the right decisions are made in all situations.
Our security team implements a comprehensive coverage vulnerability scanning over all the layers of the product infrastructure, leveraging the most advanced industry-recommended tools and assessment approaches.
Safee employs the most recognized third parties in the web application security industry to perform 4 penetration tests a year, in order to identify security flaws that might expose potential risks to our operations and to address any issue earlier.
Compliance with GDPR
Safee is completely compliant with the General Data Protection Regulation GDPR of the European Union, ensuring that the data of our customers are fully protected. With Safee you are able to choose to store your data in the servers run by Microsoft Azure Cloud or Google Cloud Platform and located specifically in the European Union.
In Country Cloud Servers
For complying with data privacy laws and regulations in the different countries around the globe, enterprise users of Safee can choose the geographical location of the hosting cloud server in any part in the world.
Protection from Spam
Safee introduces powerful options to protect your data from spammers. Such as: one access request from one IP address or one computer, Captchas, unique URLs, and service lock after a specific number of requests or period of time.
All our employees and vendors have to sign a confidentiality agreement before cooperation. We organize annual educational security training programs for all our employees. Additionally, we arrange secure programming training courses on a monthly basis for our software developers specifically.
Our strategy of business continuity and disaster recovery relies basically on infrastructure redundancy, real-time replication, and regular backups. Safee applies a strong backup policy, so your data are replicated regularly and in real-time between several servers from Microsoft Azure Cloud and Google Cloud Platform, which are strategically distributed across different zones.
For more information about the security and risk management at Safee
Arabic : هذا المنشور متوفر أيضاً باللغة