At the center of our business is the trust of the customers. Security is one of the top priorities, so our GPS tracking services, fleet management systems, and related data storage solutions are all designed to protect our users’ data and introduce the highest level of security.
Some of the major security practices at Safee
In-Transit and At-Rest Encryption
All our customers’ data are protected in transit and at rest. In transit, all the services are introduced and can be accessed via TLS/256 Bit SSL connections, as the same protection level of banking, electronic commerce, and financial services. At rest, we employ RSA 2048 to secure the information and encrypt the stored data. All accounts’ passwords are hashed and all login pages are secured with brute force protections.
Network Firewall
Safee applies the most advanced techniques of intrusion detection and attack monitoring, harnessing the power of firewalling at both levels, web application level, and network level. Additionally, we provide our platform with multiple DDoS defenses to make the customers benefit from our services securely and without any interruption.
Best Development Practices
Safee development team ensures that all coding and new features developing activities go through all security and functionality tests and analyses on staging procedures before being added to the final product, to ensure that our customers’ accounts be highly secure and isolated.
Datacenter Security
Your data are stored by Microsoft Azure Cloud, Google Cloud Platform, and Oracle Cloud Infrastructure which apply the most advanced physical security controls. Microsoft, Google, and Oracle cloud data centers which we use to host our services and to store customers’ data are located in the United States, the European Union, and the Gulf Region.
Access Permissions
Safee protects its product infrastructure against potential security threats by applying a well-designed and strictly controlled access model. Employees are granted access to the service environments based on their role in the company on an RBAC Role-Based Access Controls basis.
Bug Bounty Program
We run a bug bounty program on regular basis to give opportunity for researchers and security experts to provide us with reports about the vulnerabilities they see in our services. So, we can address any emerging issue earlier and be able to provide our customers with the best and most secure experience ever.
Physical Security
Safee services are hosted by Microsoft Azure, Google Cloud Platform, and Oracle Cloud Infrastructure which are SOC 2 II and ISO 27K certified cloud service providers. Some of the applied physical security protections at our data centers are video surveillance, biometric scanners, highly skilled security guards, and sophisticated access controls.
Incident Response
We apply standardized incident response procedures, and our development team has constructed robust structures of system logging, data sources investigation, and security incident processing, to guarantee that only the right decisions are made in all situations.
Vulnerabilities Assessment
Our security team implements a comprehensive coverage vulnerability scanning over all the layers of the product infrastructure, leveraging the most advanced industry-recommended tools and assessment approaches.
Penetration Testing
Safee employs recognized third parties in the web application security industry to perform 4 penetration tests a year, in order to identify security flaws that might expose potential risks to our operations and to address any issues earlier.
Compliance with GDPR
Safee is completely compliant with the General Data Protection Regulation GDPR of the European Union, ensuring that the data of our customers are fully protected. With Safee you are able to choose to store your data in the servers run by Microsoft Azure Cloud or Google Cloud Platform or Oracle Cloud Infrastructure that are located specifically in the European Union.
In Country Cloud Servers
For complying with data privacy laws and regulations in different countries around the globe, enterprise users of Safee can choose the geographical location of the hosting cloud server in any part of the world.
Datacenter Compliance
Learn more about compliance at Microsoft Azure
https://docs.microsoft.com/en-us/azure/compliance
Learn more about compliance at Google Cloud Platform
https://cloud.google.com/security/compliance
Learn more about compliance at Oracle Cloud Infrastructure
https://www.oracle.com/corporate/cloud-compliance
Protection from Spam
Safee introduces powerful options to protect your data from spammers. Options such as one access request from one IP address or one computer, Captchas, unique URLs, and service lock after a specific number of requests or period of time.
HR Security
All our employees and vendors have to sign a confidentiality agreement before cooperation. We organize annual educational security training programs for all our employees. Additionally, we arrange secure programming training courses on a monthly basis for our software developers specifically.
Business Continuity
Our strategy of business continuity and disaster recovery relies basically on infrastructure redundancy, real-time replication, and regular backups. Safee applies a strong backup policy, so your data are replicated regularly and in real-time between several servers from Microsoft Azure Cloud, Google Cloud Platform, and Oracle Cloud Infrastructure which are strategically distributed across different zones.