Security Measures of Snoobi
Here you will find answers to the most frequently asked questions about the measures that Snoobi B.V. takes with regard to the security of data.
1. Access by employees
- Customer and account data are only accessible to employees who need it for the execution of their work, for example service, technical support or for consulting.
- All employees of Snoobi B.V. have specific clauses in the employment contract about the confidentiality of customer data.
- All access to Snoobi accounts by any Snoobi employee is collected in detail in a log.
- There are internal rules about handling customer data and Snoobi accounts. Customer data is also never shared with third parties without explicit approval.
- The Snoobi workstations are equipped with encryption, secure networks and firewalls, are checked regularly and provided with the latest security updates.
- All employees of Snoobi B.V. participate in safety and privacy training as part of the training program for new employees and at least once per quarter.
- The production and development environment of Snoobi is protected from access by non-technical staff and has a higher level of access protection. All access is further monitored and logged
2. Data centers, security and storage
- The Snoobi Servers are hosted within Europe on Amazon Web Services in Ireland and Germany. No data is stored outside Europe. For certain countries like Finland, data is exclusivelt stored within the country itself
- Information about Amazon’s security measures can be found at https://aws.amazon.com/security/ and https://aws.amazon.com/compliance/Encryption.
- Access to websites, Snoobi applications and APIs are always secured with HTTPS.
- The data that is sent between integrations such as Zapier and other links is always protected with HTTPS.
- Input and output data transmission is always secured with HTTPS encryption (TLS 1.2 – 1.0, RSA with AES128 GCM SHA256).
3. Availability, server security and monitors
Snoobi constantly monitors the network of Snoobi applications and websites.
- We monitor errors, availability, network delays, system load and usage.
- We have safe, duplicated critical databases, so that information cannot be lost if a failure arises before a subsequent backup.
- We back up our customer and account data (at least) every four hours.
- We regularly test the integrity of our backup procedures and recoverability.
- The Snoobi production environment is based on the fault-tolerant systems at Amazon Web Services (AWS Availability Zones and Load-balancing).
- Our technical staff are available 24 × 7 and are automatically alerted to errors and warnings in case of overload.
- Databases, cache servers and other parts of the production environment are only available through specific gateways that impose restrictions on which data can be accessed and by which staff member.
- We have automated systems to analyze suspicious network activity or denial-of-service attacks and, where possible, counteract them.
4. Security by the user / user level
- With Snoobi’s management of users, administrator and access control to specific reports and regular e-mail reports, the customer can independently manage the access to the data collected by Snoobi.
- There are two user levels: Administrator for all access and customization of Snoobi settings, and User for employees at the customer who have to use the metrics and reports in Snoobi.
- Snoobi also monitors the use of the Snoobi reports for suspicious activity. For example, if large amounts of data are exported from Snoobi, this can be noticed and the Administrator at the customer can be informed.
- With API or direct data access, all actions are logged and for suspicious unauthorized access the access is immediately stopped.
Snoobi regularly updates these security measures on the basis of the latest technical possibilities.
Snoobi users must report incidents via the e-mail address firstname.lastname@example.org or by telephone to +31 20 3456820.