Security and Compliance
ISO 27001:2013
Sablono prioritizes security and compliance with our rigorous standards and annual independent auditing and testing to provide peace of mind for our users.
ISO 27001:2013
Sablono GmbH, a leading provider of construction project management software, has ISO 27001:2013 certification. This internationally recognized standard sets the framework for an effective information security management system (ISMS) and demonstrates Sablono's commitment to maintaining the highest levels of data security. The certification is a significant milestone for Sablono, as it confirms that the company has implemented robust security controls to protect customer data and ensure the confidentiality, integrity, and availability of information. With this certification, Sablono has further strengthened its position as a trusted partner for construction companies looking to improve their project management processes while maintaining the highest standards of data security.
Secure software development
Experience peace of mind knowing that our applications are built with the highest standards of secure system development, meticulously applied across all architectural layers and throughout the entire life cycle of the application, with changes to the code undergoing a defined and documented process. As an added layer of security, our development, testing, and production environments are strictly separated to ensure optimal performance and protection of your sensitive data.
Penetration testing
We take security seriously, which is why we undergo an annual, independent penetration testing conducted by a third-party agency to identify any potential vulnerabilities. Our team supplies the agency with access to a dedicated testing environment and in-depth information about the architecture of our application, all while ensuring the protection of your sensitive customer data. Rest assured that your information is always kept confidential and secure with Sablono.
Trusted as a secure partner by the best in the industry
Vulnerability disclosure
While Sablono currently does not offer a bug bounty program and does not provide monetary compensation for disclosed vulnerabilities, we highly value any reports we receive. Our team is dedicated to ensuring the utmost security of our platform, and we appreciate your efforts in helping us identify and address any potential vulnerabilities. We commit to thoroughly investigating and promptly resolving reported vulnerabilities as part of our commitment to information security. To report any vulnerabilities, please reach out to us at office(at)sablono.com. Your contribution to our platform's security is greatly appreciated.
Backup and recovery
At Sablono, we adhere to the widely recognized 3-2-1 rule, often referred to as the golden rule for backups. This rule emphasizes the importance of maintaining multiple copies or versions of data to ensure its safety. Accordingly, we implement three copies of our data, which are consistently backed up on two distinct storage media. Furthermore, to provide an extra layer of protection, one of these storage locations is situated in a separate geographic location.
To guarantee the integrity of our systems, we conduct regular backups of all our infrastructure, supporting a recovery point objective of 1 day. These backups are securely stored in redundant locations within the European Union (EU). By following these robust data security practices, we prioritize the preservation and availability of your information.
Network security
To safeguard the network resources of our product, we employ a comprehensive security approach. At the server level, we implement a firewall that effectively controls both inbound and outbound traffic, regulating protocols and ports. Additionally, we employ an application-level firewall service, which diligently monitors incoming traffic directed towards product-related endpoints such as our load balancers.
Furthermore, our network is structured into private and public subnets, each serving specific purposes. Only the public subnets are accessible through the internet gateway, ensuring a secure and controlled connection to our systems. These measures collectively fortify the protection of our network, guaranteeing the integrity and reliability of our product resources.
Access control
At Sablono, we prioritize the confidentiality of our data by implementing robust access control measures that adhere to the principle of least privileges. This means that our employees are granted access only to the specific information and information systems required for their designated tasks. We follow a diligent practice of regularly reviewing access rights, ensuring that they are aligned with job responsibilities. Additionally, when an employee leaves our organization, access privileges are promptly withdrawn as part of our offboarding process. By strictly adhering to these access control protocols, we maintain a high level of confidentiality and data security within our organization.
Encryption
At Sablono, we prioritize the security of your data both in transit and at rest. When traffic travels from the public internet to our platform, it is encrypted to ensure its confidentiality. Our web services exclusively utilize HTTPS protocols, specifically TLS v1.2 and v1.3, to establish secure connections. This guarantees that your information remains protected during transmission.
Furthermore, we employ state-of-the-art encryption protocols, specifically AES-256, to encrypt data at rest. This robust encryption ensures that your data remains safeguarded even when stored within our systems. Additionally, all backups of your data are fully encrypted, providing an additional layer of protection. With these comprehensive encryption measures in place, we prioritize the security and privacy of your data throughout its entire lifecycle.
Protection against Malware
At Sablono, we maintain a strong defense against malware at both the network and application levels. We have implemented robust security systems that proactively detect and protect against malware threats. These systems are regularly updated to ensure they stay up-to-date with the latest security measures and effectively mitigate emerging threats. By automatically updating our security systems, we maintain a resilient barrier against malware, safeguarding the integrity and security of our network and applications.
Hosting
At Sablono, we prioritize the security and integrity of your data by hosting it in ISO 27001 certified data centers located in the European Union (EU).
Our platform is hosted on ISO 27001 certified data centers provided by AWS, a trusted cloud service provider. The primary hosting region for Sablono is Frankfurt, ensuring reliable and efficient performance. Additionally, to enhance data protection, copies of backups are securely stored in Paris.
It's important to note that Sablono does not have physical access to AWS data centers. Instead, we adhere to strict access control policies that govern logical access to the cloud provider's infrastructure. By following these policies, we maintain a secure and controlled environment, ensuring the confidentiality and availability of your data.