Personnel practices
All Saberr's employees and partners follow a security policy to keep everybody's data secure.
We use two-factor authentication to log into important systems like databases and communication platforms.
We encrypt the hard drives of our computers, so that data is safe even if they're lost.
We keep our computers up to date with the latest security updates.
We use role-based access controls to limit our access to the minimum needed to do our jobs.
We use password managers so that all of our passwords are strong and different between sites.
Databases
Your data is encrypted at rest in our databases.
Our systems interoperate inside a Virtual Private Cloud, and your data is always encrypted "in flight" outside of that.
All of our apps and APIs use HTTPS, and if you try to use insecure HTTP you'll be automatically redirected.
We use various methods to protect data against brute-force attacks.
We keep rolling backups of databases, to prevent permanent data loss.
In our apps
Base enforces strong passwords for users, whilst CoachBot is passwordless and you log in by getting an email.
Users are assigned permissions that control who can see and change which data.
Writing code and preventing errors
We use and review logs to identify and fix code bugs.
When we write new code, we review each other's code to check and improve it.
We include tests for each bit of code to make sure it continues to work as expected in the future, even with unexpected or adversarial inputs.