At Happeo, Security and trust are built into the fabric of our intranet product. To keep your data safe and private, we certify with industry-accepted standards, so you can rest assured that your most sensitive data is protected 24/7 in the cloud.
All your user data is stored securely in Google Cloud, so it benefits from Google Cloud's security model and world-scale infrastructure. Google takes security very seriously and uses many critical security features. Google Cloud offers security protections that you would probably not be able to engineer yourself. With Google Cloud's technology, all your files and other data are stored on servers in secure data centers.
Happeo has achieved the ISO 27001 certification – the international standard that helps organizations to manage their information security. The ISO 27001 certification shows that an organization has invested in the people, processes, and technology (e.g. tools and systems) to protect organization's data. The ISO 27001 certification also reflects Happeo’s ongoing commitment to rigid security protocols and processes.
The EU General Data Protection Regulation (GDPR) strengthens the rights that EU citizens have over their data. Happeo with Google’s G Suite and GCP are committed to GDPR compliance. We keep your data in its own sandboxed space and only store the personal data required for your work environment. Any data we do store is fully protected with Google’s industry-leading security features.
Single Sign-on with Happeo
Happeo supports single-sign-on (SSO), an important cloud security technology that reduces all user application logins to one login. With SSO users can already login with their workplace credentials. This offers greater protection from unauthorized users accessing sensitive company data while allowing full convenience to employees.
SAML authentication
Happeo supports SAML (Security Assertion Markup Language), an open standard for exchanging authentication and authorization data between parties. SAML enables the use of Single Sign-On and makes users’ lives easier and safer because one set of credentials can be used to log in to many different websites.
Google Cloud consists of Google Cloud Storage, an enterprise solution for developers, and Google Drive, a solution built for G Suite users and personal use. Google Cloud is a very secure way to store and transfer private and organizational data. Google Cloud’s security model keeps your data secure and compliant. The files added to the app of Google Drive are stored on servers in secure data centers. With Google Cloud storage all data is encrypted during the transfer and while stored on the Google servers. Furthermore, the security team of Google works 24/7 making the data centers one of the safest places for data to live.
Google uses security protection so all your data is stored and transferred securely. The most important layers of this security protection are:
Physical security-Data center: Google’s data centers are highly secure by using 6 layers of security to prevent any unauthorized access.
Custom hardware and trusted booting: By designing and building every element in-house Google protects itself against any security attacks named “privileged access attacks”.
Data disposal: The data destruction process for persistent disks and other storage devices involves several steps and is audited by Google regularly.
Data encryption: By default, all customer data is encrypted - while storing and transferring. The encryption is automatic, and it requires no action on the user’s part.
Secure service deployment: A service refers to the application binary that a developer writes and runs on infrastructure.
Secure interservice communication: Inter-service communication refers to GCP’s resources and services talking to each other.
In-built DDoS protections: Precautions against Distributed Denial-of-Service attacks are already built into many GCP services.
ISO 27001 is the international standard for information security management systems and was developed to handle information security. ISO 27001 helps organizations to protect sensitive information like employee and client information or other private information in a systematic and cost-effective way by using an information security management system.
Companies can get an ISO 27001 certification to prove to their customers and partners that they follow best practices of information security and safeguarding data.
GDPR stands for General Data Protection Regulation and is about Europe's new data privacy and security laws. The regulations cover hundreds of pages about new obligations and requirements for organizations around the world and how they have to target or collect data related to people in the EU.
The GDPR imposes obligations on organizations worldwide on how to collect and protect personal data and privacy of citizens living in the EU. GDPR compliance is a requirement for every organization that collects and stores personal data. Non-compliance results in penalties of up to millions of euros.
SSO stands for Single Sign-on. SSO authentication enables users to use one set of login credentials to securely authenticate with multiple apps and websites.
With SSO authentication several different application login screens are combined into one. The advantage of SSO is that users only need to enter a one-time username and password to access all websites, software, or apps. There are 6 steps to understand:
1. The user arrives on the website (app or software) he wants to use
2. The site sends the user to a central SSO login tool and the user needs to sign in with a username and password
3. The SSO domain authenticates username and password, validates the user, and creates an authentication token that remembers that the user is verified
4. The user is sent back to the original site, and the token acts as proof that they’ve been authenticated
5. Any app the user accesses will check with the SSO service
6. This grants the user access to associated websites, apps, or software that share the central SSO domain
Happeo promises top-notch security for your organization. In May 2019 Happeo got the ISO 27001 certification which is the international standard for best practices in IT security management systems. The certification reflects that Happeo is committed to maintaining rigorous security processes and protocols that keep your organization's data secure.
Happeo has obtained the ISO 27001 certification, a certification for security standards that secures that Happeo maintains the most important security processes and protocols. Furthermore, Happeo was audited by the global specialist in testing, inspection, and certification (TIC) Kiwa Inspecta, who classified Happeo as trustworthy. The overall goal of TIC is to create trust in products, services, processes, management systems, and people's performance.