January 2025 Update

Technical documentation

Preamble

This document presents the security measures in place to ensure the integrity, confidentiality and availability of data in our SaaS (Software as a Service) enterprise social network solution. It is structured into nine main sections, each of which covers a fundamental aspect of product security.

Technical stack

Roomee is a SaaS (software as a service) platform made up of two main parts, a Frontend and a Backend, around which a number of tools and mechanisms are built to offer a complete experience both to our customers and to our internal teams. This section details the components used to build the Roomee platform.

Frontend (User Interface)

  • Dashboard : Vite (React) + TypeScript
  • Mobile : Flutter

Backend (Server side)

  • NodeJS + TypeScript micro services

Database

  • MongoDB Atlas + Google Cloud Platform

The rest of the document details the operational, organizational and technical security measures.

Authentication & Access Management

Access to the platform and to its various functionalities is controlled by authentication and by tokens generated for each user session.

Authentication methods

  • Authentication via email and password (passwords are stored only as bcrypt hashes)
  • Mobile: the device's native biometrics can be enabled to protect access to the application

Managing sessions

  • Generation of access and refresh tokens with limited lifetimes (24 hours and 2 weeks respectively)
  • Dashboard sessions: tokens carried in HttpOnly and Secure cookies (not readable by page scripts, sent only over HTTPS)
  • Mobile sessions: tokens kept in the platform's secure storage and protected by biometrics

Role-based access control

  • Roles are user-defined and directly configurable by the customer; predefined roles are available when the account is created
  • Granular permissions per functionality (creation, editing, deletion, access to specific content, etc.)

Data Architecture & Isolation

Database architecture

  • All customers' data is stored in the same database; tenants are separated logically by the query-level filters described under "Partitioning access to data", not by separate databases per customer
  • Data is replicated to at least one secondary replica
  • Data is backed up once a day so that it can be restored in case of an incident
  • Each backup remains available for 30 days

Isolation of environments

  • Completely separate development, test, and production environments
  • Anonymized or fictitious test data to preserve confidentiality

Partitioning access to data

  • Strict filters in every query to enforce data isolation
  • Every data access is checked against the session token and against the organization identifiers (customer identifier + workspace identifier) of the request
  • A customer can never access another customer's data
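
As an added example (not Roomee's own code), the following TypeScript shows how a query can be scoped to the caller's customer and workspace so that a client-supplied filter can never widen it. The collection shape, field names and sample records are constructed for illustration, and an in-memory array stands in for the MongoDB collection. The unsafe variant is included only for contrast, to show why the order in which the tenant keys are applied matters:

```typescript
// Added example (not Roomee code): every query is scoped to the caller's
// customer + workspace, and caller-supplied filter fields can never override
// those keys. Field names and sample records are constructed for illustration.

export interface TenantScope {
  customerId: string;
  workspaceId: string;
}

export interface Post {
  _id: string;
  customerId: string;
  workspaceId: string;
  author: string;
  status: "draft" | "published";
  [key: string]: unknown;
}

// Constructed sample collection: two customers, one of them with two workspaces.
export const SAMPLE_POSTS: Post[] = [
  { _id: "p1", customerId: "cust-A", workspaceId: "ws-A1", author: "alice", status: "published" },
  { _id: "p2", customerId: "cust-A", workspaceId: "ws-A1", author: "bob", status: "draft" },
  { _id: "p3", customerId: "cust-A", workspaceId: "ws-A2", author: "carol", status: "published" },
  { _id: "p4", customerId: "cust-B", workspaceId: "ws-B1", author: "dave", status: "published" },
];

// Fields a client is allowed to filter on. The tenant keys are deliberately absent.
export const FILTERABLE_FIELDS: ReadonlySet<string> = new Set(["author", "status"]);

// Anti-pattern, shown for contrast only: the client's filter is spread last, so a
// request body carrying {"customerId": "cust-B"} silently widens the query.
export function unsafeFilter(
  scope: TenantScope,
  clientFilter: Record<string, unknown>,
): Record<string, unknown> {
  return { customerId: scope.customerId, workspaceId: scope.workspaceId, ...clientFilter };
}

// Hardened form: allow-list the client's fields, refuse operator objects such as
// {"$ne": null}, and apply the tenant keys last so they always win.
export function scopedFilter(
  scope: TenantScope,
  clientFilter: Record<string, unknown>,
): Record<string, unknown> {
  const safe: Record<string, unknown> = {};
  for (const [field, value] of Object.entries(clientFilter)) {
    if (!FILTERABLE_FIELDS.has(field)) {
      throw new Error(`filter on '${field}' is not allowed`);
    }
    if (value !== null && typeof value === "object") {
      throw new Error(`operator objects are not allowed for '${field}'`);
    }
    safe[field] = value;
  }
  return { ...safe, customerId: scope.customerId, workspaceId: scope.workspaceId };
}

// Stand-in for collection.find(filter): equality matching over the in-memory array.
export function find(docs: Post[], filter: Record<string, unknown>): Post[] {
  return docs.filter((doc) => Object.entries(filter).every(([k, v]) => doc[k] === v));
}
```

In a real service the `TenantScope` comes from the authenticated session (customer identifier + workspace identifier), never from the request body, and the same scoping applies to updates and deletes, not only reads.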

Technical infrastructure

Frontend:

  • Access to the dashboard requires authentication, the permissions defined in the user's role, and the data access filters derived from the assignments made by the customer
  • Access to the mobile application (iOS & Android) requires authentication, the permissions defined in the user's role, and the data access filters derived from the assignments made by the customer

Backend:

  • All API requests require authentication (API token + user access token, renewed via the refresh token)

Database:

  • MongoDB Atlas with a dedicated database user (credential) per environment (Dev, Staging, Prod)
  • Platform users can only reach data through the APIs, subject to the rules described above
  • Each environment has its own database (no sharing between environments)

Encryption

Encryption in transit

  • All client-server communications are protected by TLS 1.2 or higher
  • HSTS enabled so that browsers only connect over HTTPS

Encryption at rest

  • Sensitive fields are encrypted in the database with AES-256
  • Backups are also encrypted to ensure their confidentiality

Secrets Management

  • Secure storage via a secret management system (Infisical)
  • Regular rotation of sensitive keys to limit the impact of a compromise

API security

API call authentication

  • Combined use of:
    • API token (linked to the customer account)
    • User access token (JWT)
  • Centralized and mandatory verification via an authentication middleware
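
The token lifecycle described under "Managing sessions" and the two-token check described here, as an added TypeScript example that is not Roomee's code. It mints HS256 JWTs with the 24-hour / 2-week lifetimes the page states, verifies them with the algorithm pinned server-side and a constant-time signature comparison, builds the HttpOnly/Secure session cookie for the dashboard, and implements the middleware core that requires both the customer-level API token and the user's access token. The header names (`X-Api-Token`, `Authorization: Bearer`), the claim names and the placeholder secret are assumptions; in production the secret would come from the secrets manager:

```typescript
import { createHmac, randomBytes, timingSafeEqual } from "node:crypto";

// Added example (not Roomee code). The secret below is a placeholder; in
// production it would be loaded from the secrets manager, never hard-coded.
const SIGNING_SECRET = "placeholder-secret-load-from-secrets-manager";

export const ACCESS_TTL_S = 24 * 60 * 60;        // 24 hours (page: access token)
export const REFRESH_TTL_S = 14 * 24 * 60 * 60;  // 2 weeks  (page: refresh token)

export interface Claims {
  sub: string;                 // user id
  cid: string;                 // customer identifier
  wid: string;                 // workspace identifier
  typ: "access" | "refresh";   // token kind, so one cannot stand in for the other
  iat: number;
  exp: number;
  jti: string;                 // unique id, usable for a refresh-token revocation list
}

const b64url = (s: string): string => Buffer.from(s, "utf8").toString("base64url");

function hmac(input: string): string {
  return createHmac("sha256", SIGNING_SECRET).update(input).digest("base64url");
}

function decodeSegment(seg: string): Record<string, unknown> | null {
  try {
    const v: unknown = JSON.parse(Buffer.from(seg, "base64url").toString("utf8"));
    return v !== null && typeof v === "object" ? (v as Record<string, unknown>) : null;
  } catch {
    return null;
  }
}

export function mintToken(
  identity: Pick<Claims, "sub" | "cid" | "wid">,
  typ: Claims["typ"],
  now: number = Math.floor(Date.now() / 1000),
): string {
  const ttl = typ === "access" ? ACCESS_TTL_S : REFRESH_TTL_S;
  const claims: Claims = { ...identity, typ, iat: now, exp: now + ttl, jti: randomBytes(16).toString("hex") };
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify(claims));
  return `${header}.${body}.${hmac(`${header}.${body}`)}`;
}

export function verifyToken(
  token: string,
  expectedTyp: Claims["typ"],
  now: number = Math.floor(Date.now() / 1000),
): Claims | null {
  const [header, body, sig, extra] = token.split(".");
  if (header === undefined || body === undefined || sig === undefined || extra !== undefined) return null;

  // Pin the algorithm on the server side; never trust "alg" carried in the token.
  const hdr = decodeSegment(header);
  if (!hdr || hdr.alg !== "HS256") return null;

  const expected = Buffer.from(hmac(`${header}.${body}`));
  const given = Buffer.from(sig);
  if (expected.length !== given.length || !timingSafeEqual(expected, given)) return null;

  const claims = decodeSegment(body) as unknown as Claims | null;
  if (!claims || claims.typ !== expectedTyp) return null;  // e.g. refresh token presented as access token
  if (typeof claims.exp !== "number" || claims.exp <= now) return null;
  return claims;
}

// Set-Cookie value for the dashboard session, with the attributes the page lists.
export function sessionCookie(name: string, token: string, maxAgeS: number): string {
  return `${name}=${token}; Max-Age=${maxAgeS}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

export interface AuthContext { customerId: string; workspaceId: string; userId: string }

// Middleware core: require the customer-level API token AND a valid user access
// token, and check that the two agree on the customer. apiTokens maps token -> customerId
// (a real store would keep a hash of each API token rather than the token itself).
export function authenticate(
  headers: Record<string, string | undefined>,
  apiTokens: ReadonlyMap<string, string>,
  now?: number,
): AuthContext | null {
  const apiToken = headers["x-api-token"];
  const authz = headers["authorization"] ?? "";
  if (!apiToken || !authz.startsWith("Bearer ")) return null;
  const customerId = apiTokens.get(apiToken);
  if (!customerId) return null;
  const claims = verifyToken(authz.slice("Bearer ".length), "access", now);
  if (!claims || claims.cid !== customerId) return null;
  return { customerId, workspaceId: claims.wid, userId: claims.sub };
}
```

The `typ` claim is what stops a two-week refresh token from being replayed as a 24-hour access token, and the `cid` check ties the user's session to the customer account that owns the API token.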

Input validation

  • Data submitted by users is validated and sanitized to ensure its consistency and integrity

CORS & Security Headers

  • Restrictive CORS policy
  • Use of HTTP security headers to harden client-server exchanges
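
The CORS policy and the security headers (including the HSTS header from "Encryption in transit"), as an added TypeScript example that is not Roomee's code. It is written as a pure function so the decision can be tested without a web framework; the allowed origin, header values and the choice to answer disallowed origins with 403 are assumptions, and a real deployment would tune the Content-Security-Policy to the dashboard's actual asset origins:

```typescript
// Added example (not Roomee code): exact-match CORS allow-list plus the
// response headers a hardened API returns. Origins and values are placeholders.
export const ALLOWED_ORIGINS: ReadonlySet<string> = new Set([
  "https://app.example.com",   // placeholder dashboard origin
]);
export const ALLOWED_METHODS = ["GET", "POST", "PUT", "PATCH", "DELETE"] as const;
export const ALLOWED_HEADERS = ["Content-Type", "Authorization", "X-Api-Token"];

export interface CorsRequest {
  method: string;
  origin?: string;          // Origin header; absent for same-origin and non-browser calls
  requestMethod?: string;   // Access-Control-Request-Method on a preflight
}

export interface CorsDecision {
  status: number;
  headers: Record<string, string>;
  allowed: boolean;
}

export function securityHeaders(): Record<string, string> {
  return {
    // HSTS: one year, subdomains included; browsers refuse plain HTTP after the first visit.
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "DENY",
    "Referrer-Policy": "strict-origin-when-cross-origin",
    "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'; object-src 'none'",
    "Cache-Control": "no-store",   // API responses carry per-user data
  };
}

export function handleCors(req: CorsRequest): CorsDecision {
  const headers = securityHeaders();
  const origin = req.origin;
  if (origin === undefined) {
    return { status: 200, headers, allowed: true };   // not a cross-origin browser request
  }
  // Exact match only: never reflect an arbitrary Origin, never prefix/suffix match,
  // and never combine "*" with credentials.
  if (!ALLOWED_ORIGINS.has(origin)) {
    // Stricter than most CORS libraries (which merely omit the header): the
    // request is refused outright instead of being processed with a hidden response.
    return { status: 403, headers, allowed: false };
  }
  headers["Access-Control-Allow-Origin"] = origin;
  headers["Access-Control-Allow-Credentials"] = "true";  // session cookie for the dashboard
  headers["Vary"] = "Origin";                            // shared caches must key on Origin

  if (req.method === "OPTIONS") {
    const wanted = (req.requestMethod ?? "").toUpperCase();
    if (!(ALLOWED_METHODS as readonly string[]).includes(wanted)) {
      return { status: 403, headers, allowed: false };
    }
    headers["Access-Control-Allow-Methods"] = ALLOWED_METHODS.join(", ");
    headers["Access-Control-Allow-Headers"] = ALLOWED_HEADERS.join(", ");
    headers["Access-Control-Max-Age"] = "600";
    return { status: 204, headers, allowed: true };
  }
  return { status: 200, headers, allowed: true };
}
```

Because the session cookie is sent with credentials, `Access-Control-Allow-Origin` must be a single exact origin and `Vary: Origin` must be present, otherwise a cache could serve one origin's permission to another.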

Management of environments

  • Strict isolation of APIs, tokens and logs per environment to avoid cross-contamination

Audit & Traceability

Logging

  • Activity and security logs are stored and accessible to administrators
  • Filters by user, action and date to facilitate analysis

Anomaly detection

  • Monitoring of brute-force attempts and of suspicious multiple logins (the same account signing in from several addresses in a short time)
  • Alerts configured for administrators in case of suspicious activity
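
The detection logic behind these alerts, as an added TypeScript example that is not Roomee's code. It runs a sliding window over login events and raises three kinds of alert: repeated failures against one account (brute force), one address failing against many accounts (password spraying), and one account succeeding from several addresses in a short time (the suspicious multiple logins mentioned above). The log line format, the thresholds and the sample log are constructed for illustration; real thresholds would be tuned to the platform's traffic:

```typescript
// Added example (not Roomee code): sliding-window login anomaly detection over
// constructed log lines. Format and thresholds are assumptions for illustration.

export interface LoginEvent { ts: number; outcome: "success" | "failure"; user: string; ip: string }
export interface Alert { kind: "brute_force" | "password_spray" | "multi_login"; subject: string; at: number; detail: string }

// Assumed log line shape: "<ISO timestamp> login_<success|failure> user=<id> ip=<addr>"
const LINE = /^(\S+)\s+login_(success|failure)\s+user=(\S+)\s+ip=(\S+)$/;

export function parseLine(line: string): LoginEvent | null {
  const m = LINE.exec(line.trim());
  if (!m) return null;
  const [, tsRaw, outcome, user, ip] = m;
  if (!tsRaw || !outcome || !user || !ip) return null;
  const ms = Date.parse(tsRaw);
  if (Number.isNaN(ms)) return null;
  return { ts: ms / 1000, outcome: outcome as LoginEvent["outcome"], user, ip };
}

export interface Thresholds { windowS: number; failuresPerUser: number; usersPerIp: number; ipsPerUser: number }
export const DEFAULTS: Thresholds = { windowS: 600, failuresPerUser: 5, usersPerIp: 3, ipsPerUser: 2 };

// Keep only the entries that fall inside the window ending at `now`.
function prune<T extends { ts: number }>(items: T[], now: number, windowS: number): T[] {
  return items.filter((i) => now - i.ts <= windowS);
}

export function detect(events: LoginEvent[], t: Thresholds = DEFAULTS): Alert[] {
  const alerts: Alert[] = [];
  const failsByUser = new Map<string, { ts: number }[]>();
  const failsByIp = new Map<string, { ts: number; user: string }[]>();
  const successByUser = new Map<string, { ts: number; ip: string }[]>();

  for (const e of [...events].sort((a, b) => a.ts - b.ts)) {
    if (e.outcome === "failure") {
      const u = prune(failsByUser.get(e.user) ?? [], e.ts, t.windowS);
      u.push({ ts: e.ts });
      if (u.length >= t.failuresPerUser) {
        alerts.push({ kind: "brute_force", subject: e.user, at: e.ts, detail: `${u.length} failures within ${t.windowS}s, last from ${e.ip}` });
        u.length = 0;   // reset so one burst yields one alert, not one per extra failure
      }
      failsByUser.set(e.user, u);

      const h = prune(failsByIp.get(e.ip) ?? [], e.ts, t.windowS);
      h.push({ ts: e.ts, user: e.user });
      const targets = new Set(h.map((x) => x.user));
      if (targets.size >= t.usersPerIp) {
        alerts.push({ kind: "password_spray", subject: e.ip, at: e.ts, detail: `failures against ${targets.size} accounts: ${[...targets].join(",")}` });
        h.length = 0;
      }
      failsByIp.set(e.ip, h);
    } else {
      const s = prune(successByUser.get(e.user) ?? [], e.ts, t.windowS);
      s.push({ ts: e.ts, ip: e.ip });
      const ips = new Set(s.map((x) => x.ip));
      if (ips.size >= t.ipsPerUser) {
        alerts.push({ kind: "multi_login", subject: e.user, at: e.ts, detail: `logins from ${ips.size} addresses within ${t.windowS}s: ${[...ips].join(",")}` });
        s.length = 0;
      }
      successByUser.set(e.user, s);
    }
  }
  return alerts;
}

// Constructed sample log (documentation addresses only).
export const SAMPLE_LOG = `
2025-01-15T10:00:05Z login_failure user=alice ip=203.0.113.7
2025-01-15T10:00:20Z login_failure user=alice ip=203.0.113.7
2025-01-15T10:00:41Z login_failure user=alice ip=203.0.113.7
2025-01-15T10:01:02Z login_failure user=alice ip=203.0.113.7
2025-01-15T10:01:15Z login_failure user=alice ip=203.0.113.7
2025-01-15T10:02:00Z login_success user=frank ip=198.51.100.20
2025-01-15T10:03:10Z login_failure user=bob ip=198.51.100.9
2025-01-15T10:03:11Z login_failure user=carol ip=198.51.100.9
2025-01-15T10:03:12Z login_failure user=dave ip=198.51.100.9
2025-01-15T10:05:00Z login_success user=eve ip=192.0.2.10
2025-01-15T10:07:30Z login_success user=eve ip=203.0.113.99
malformed line that the parser must skip
`;

export function alertsForSample(): Alert[] {
  const events = SAMPLE_LOG.split("\n").map(parseLine).filter((e): e is LoginEvent => e !== null);
  return detect(events);
}
```

On the sample log this yields exactly three alerts: brute force against `alice`, spraying from `198.51.100.9`, and a multi-address login for `eve`; `frank` and the three single failures produce nothing.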

Threat Protection

Form security

  • CSRF tokens included in forms
  • XSS prevention through systematic output encoding
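
Both form protections above, as an added TypeScript example that is not Roomee's code: a CSRF token bound to the session by an HMAC and verified in constant time, and the output encoding applied to user-supplied text before it is placed in HTML. The token layout, its one-hour lifetime and the placeholder secret are assumptions:

```typescript
import { createHmac, randomBytes, timingSafeEqual } from "node:crypto";

// Added example (not Roomee code): session-bound CSRF token and HTML output
// encoding. The secret is a placeholder to be loaded from the secrets manager.
const CSRF_SECRET = "placeholder-secret-load-from-secrets-manager";
const CSRF_TTL_S = 60 * 60;   // assumed token lifetime: 1 hour

function mac(data: string): string {
  return createHmac("sha256", CSRF_SECRET).update(data).digest("base64url");
}

// Token = <issuedAt>.<nonce>.<HMAC(sessionId | issuedAt | nonce)>. The nonce makes
// every rendered token different, so tokens cannot be matched across responses.
export function issueCsrfToken(sessionId: string, now: number = Math.floor(Date.now() / 1000)): string {
  const nonce = randomBytes(16).toString("base64url");
  return `${now}.${nonce}.${mac(`${sessionId}|${now}|${nonce}`)}`;
}

export function verifyCsrfToken(
  sessionId: string,
  token: string,
  now: number = Math.floor(Date.now() / 1000),
): boolean {
  const [issuedAt, nonce, sig, extra] = token.split(".");
  if (issuedAt === undefined || nonce === undefined || sig === undefined || extra !== undefined) return false;
  const ts = Number(issuedAt);
  if (!Number.isInteger(ts) || ts > now || now - ts > CSRF_TTL_S) return false;
  // The token is only valid for the session it was issued to.
  const expected = Buffer.from(mac(`${sessionId}|${issuedAt}|${nonce}`));
  const given = Buffer.from(sig);
  return expected.length === given.length && timingSafeEqual(expected, given);
}

// Output encoding for HTML text and quoted-attribute contexts: every character
// that can open a tag, close an attribute or start an entity becomes an entity.
const HTML_ESCAPES: Record<string, string> = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};
export function escapeHtml(s: string): string {
  return s.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c] ?? c);
}

// Renders a form the way a server-side template would: the CSRF token in a
// hidden field and the user's draft encoded before being echoed back.
export function renderCommentForm(sessionId: string, draft: string, now?: number): string {
  return (
    `<form method="post" action="/comments">` +
    `<input type="hidden" name="_csrf" value="${escapeHtml(issueCsrfToken(sessionId, now))}">` +
    `<textarea name="body">${escapeHtml(draft)}</textarea>` +
    `</form>`
  );
}
```

Encoding is context-specific: this function is correct for element text and double-quoted attributes, but data placed inside a `<script>` block, a URL or a CSS value needs the encoder for that context instead.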

Anti-DDoS & application firewall

  • Cloudflare protection (DDoS mitigation and web application firewall)

Active monitoring

  • Continuous security scans to detect vulnerabilities
  • Regularly scheduled penetration tests

Infrastructure & Hosting

Data location

  • The servers and data are hosted as close as possible to our customers. For customers based in Europe, hosting is entirely on servers located in Europe (London, Paris or Frankfurt) in compliance with the GDPR (RGPD). Note that London is outside the EU: data held there relies on the EU's adequacy decision for the United Kingdom.

Redundancy & backups

  • Encrypted daily backups
  • Regular restore tests to verify that backups can actually be restored
  • Horizontal and/or vertical scaling on demand in case of high traffic on the platform

Maintenance & updates

  • Our software dependencies are updated regularly to fix known vulnerabilities.

CI/CD deployment

  • Mobile: GitHub + Codemagic
  • Web dashboard: GitHub + Vercel
  • Backend: GitHub + Koyeb

Monitoring & resilience

  • The availability of the APIs is monitored via the tools provided by Koyeb and via Uptime Kuma.
  • Errors are tracked via Sentry
  • Application logs (Dashboard + Mobile) are managed by Google Cloud Logs + Amplitude

Compliance & certifications

GDPR (RGPD)

  • End-user rights management portal
  • Dedicated DPO (Data Protection Officer)
  • Register of processing activities available as required by the regulation
  • For more information on our GDPR policy, click here

Access Governance and Supervision

Governance principles

  • Access to the back office and infrastructure limited to authorized persons (restricted team identified within Roomee)

Supervision of sensitive accesses

  • Each administrative access is logged to ensure traceability
  • Double validation for critical actions (e.g. account deletion)

Access life cycle

  • Automatic creation and removal of access linked to onboarding/offboarding
  • Regular review of rights by the security team to avoid the accumulation of inappropriate privileges