Security At Safee

At the center of our business is the trust of the customers. Security is one of the top priorities, so our GPS tracking services, fleet management systems, and related data storage solutions are all designed to protect our users’ data and introduce the highest level of security.

Some of the major security practices at Safee

All our customers’ data are protected in transit and at rest. In transit, all the services are introduced and can be accessed via TLS/256 Bit SSL connections, as the same protection level of banking, electronic commerce, and financial services. At rest, we employ RSA 2048 to secure the information and encrypt the stored data. All accounts’ passwords are hashed and all login pages are secured with brute force protections.

Safee applies the most advanced techniques of intrusion detection and attack monitoring, harnessing the power of firewalling at both levels, web application level, and network level. Additionally, we provide our platform with multiple DDoS defenses to make the customers benefit from our services securely and without any interruption.

Safee development team ensures that all coding and new features developing activities go through all security and functionality tests and analyses on staging procedures before being added to the final product, to ensure that our customers’ accounts be highly secure and isolated.

Your data are stored by Microsoft Azure Cloud, Google Cloud Platform, and Oracle Cloud Infrastructure which apply the most advanced physical security controls. Microsoft, Google, and Oracle cloud data centers which we use to host our services and to store customers’ data are located in the United States, the European Union, and the Gulf Region.

Safee protects its product infrastructure against potential security threats by applying a well-designed and strictly controlled access model. Employees are granted access to the service environments based on their role in the company on an RBAC Role-Based Access Controls basis.

We run a bug bounty program on regular basis to give opportunity for researchers and security experts to provide us with reports about the vulnerabilities they see in our services. So, we can address any emerging issue earlier and be able to provide our customers with the best and most secure experience ever.

Safee services are hosted by Microsoft Azure, Google Cloud Platform, and Oracle Cloud Infrastructure which are SOC 2 II and ISO 27K certified cloud service providers. Some of the applied physical security protections at our data centers are video surveillance, biometric scanners, highly skilled security guards, and sophisticated access controls.

We apply standardized incident response procedures, and our development team has constructed robust structures of system logging, data sources investigation, and security incident processing, to guarantee that only the right decisions are made in all situations.

Our security team implements a comprehensive coverage vulnerability scanning over all the layers of the product infrastructure, leveraging the most advanced industry-recommended tools and assessment approaches.

Safee employs recognized third parties in the web application security industry to perform 4 penetration tests a year, in order to identify security flaws that might expose potential risks to our operations and to address any issues earlier.

Safee is completely compliant with the General Data Protection Regulation GDPR of the European Union, ensuring that the data of our customers are fully protected. With Safee you are able to choose to store your data in the servers run by Microsoft Azure Cloud or Google Cloud Platform or Oracle Cloud Infrastructure that are located specifically in the European Union.

For complying with data privacy laws and regulations in different countries around the globe, enterprise users of Safee can choose the geographical location of the hosting cloud server in any part of the world.

Learn more about compliance at Microsoft Azure
https://docs.microsoft.com/en-us/azure/compliance

Learn more about compliance at Google Cloud Platform
https://cloud.google.com/security/compliance

Learn more about compliance at Oracle Cloud Infrastructure
https://www.oracle.com/corporate/cloud-compliance

Safee introduces powerful options to protect your data from spammers. Options such as one access request from one IP address or one computer, Captchas, unique URLs, and service lock after a specific number of requests or period of time.

All our employees and vendors have to sign a confidentiality agreement before cooperation. We organize annual educational security training programs for all our employees. Additionally, we arrange secure programming training courses on a monthly basis for our software developers specifically.

Our strategy of business continuity and disaster recovery relies basically on infrastructure redundancy, real-time replication, and regular backups. Safee applies a strong backup policy, so your data are replicated regularly and in real-time between several servers from Microsoft Azure Cloud, Google Cloud Platform, and Oracle Cloud Infrastructure which are strategically distributed across different zones.