SNAPPII SECURITY ARCHITECTURE - SUMMARY
This document describes how Snappii secures its servers and Apps created and running on the Snappii Mobility Platform.
Our platform servers are hosted at a reputable hosting company called Codero. Codero hosts servers for many companies such as NBC, American Express, Delta Airlines, and many others. The hosting is SSAE 16 (SAS 70) compliant and certified. Additionally we use Windows Firewall on each server for further security. For example we disallow remote access to the database engine which is powered by MS SQL Server.
We leverage Codero server protection plan that includes:
- Financial risk management protection
- Bandwidth Overage Fees Waived (for a validated attack)
Snappii has built many security measures into the mobility platform and Apps themselves:
- All communications between Snappii Apps and Servers are encrypted. We encrypt requests manually using Rijndael Encryption Algorithm.
- Snappii Apps can take advantage of ACLs (access control lists) which control access rights by groups and individuals. This enables us to create a single App with different features for different types of users.
- We enable App creators to control where App data is being stored. The options are:
- Locally on device
- Cloud Server database provided by Snappii
- Cloud storage e.g. Box, Google Drive, Dropbox, Microsoft OneDrive
- Relational DBMS Oracle, SQL, My SQL
- CRM and ERP systems. e.g. Salesforce, SAP
- We encrypt Snappii users’ passwords that they use for Snappii platform and their own Apple and Google Developer accounts.