Fiabee can be provided with three different hosting models:
As SaaS from the US Amazon AWS infrastructure (EC2/S3), with data being replicated across different data centers. Amazon AWS is certified in ISO 27001, SAS70 Type II, PCI DSS Level 1 certifications.
On Premise: in the case that a big corporation, government, healthcare or financial institution requests a deployment in its own infrastructure for regulatory requirements.
As a private cloud from different cloud providers: the platform can be licensed and deployed in separated instances in different cloud providers: Amazon, HP Cloud, Windows Azure, Rackspace, etc.
TLS 1.0 (SSL 3.1) is used to encrypt files during transmission from/to the servers, including mobile devices, desktop and web apps.
The user password is encrypted using a modified hash.
The files are encrypted at rest in Amazon S3 with Server Side Encryption (AES-256).
Remote Wipe (not only mobile devices but also laptops)
Mobile devices as smartphones and tablets, as well as laptops are devices that can be easily lost or even be stolen. Fiabee allows a remote wipe of the content stored on the mobile device and associated with the user account directly from the Fiabee Web interface or from the management console.
Sharing folders with a group of users
An automatic email is sent to the users with the format https://fiabee.com/user/folder/share/accept/W, where “W” is a 60 character long random value. It does not contain a username, file name or any other sensitive information. the owner has always the control over the shared folders, and can revoke permissions at any time. The user always sees which users are accessing his files.
Sharing files with public links
The URL of a published file has the format: https://fiabee.com/shared-links/X, where “X” is a 24 character long random value. It does not contain a username, file name or any other sensitive information.
Individual password and expiration time
When sharing individual files, the user can set an individual password and an expiration time for the share-links generated.
On the Application (other features)
There are also some security features like backup of the contacts and photos contained in the mobile device, set local passcode to access the mobile app, local encryption of the user credentials, assign and revoke individual permissions for shared folders.
Every installation requires the user to provide user and password each time he installs the app. A list of all devices currently linked to the account is provided via the web interface. Using the web interface, the user can unlink devices, generating a remote wipe of all the files and information contained at the Fiabee mobile app and device.
Fiabee has a high update frequency and automatically updates the client software without any user interaction preventing from installing outdated clients.
Registration and login
The registration and the login process continuously use secure communication channels (SSL/TLS). Password rules demand a minimum set of characters.
The admin can generate a random password of one-time. The password is encrypted using a modified hash. Thus no one except the user can know the password.
Fiabee provided with a SaaS model runs on Amazon EC2/S3, that provides a set of security features and certifications. You can find detailed info here: http://aws.amazon.com/security/.