Skip to content

SabeeApp
Software Suite

All the tools you'll need to automate your hotel operations and grow your business.

icon-calendar
PMS

Efficient daily operations for hotels.

icon-globe-click
Booking Engine

Commission-free direct bookings.

icon-linked-phone
Smart Solutions

Online check-in, Housekeeping and more.

icon-cloud-page
Channel Manager

Synchronised online distribution.

icon-credit-card
SabeePay

Multichannel payment solutions.

icon-group-chat
Unified Inbox

Centralised guest communication.

SabeeApp
Software Suite

All the tools you'll need to automate your hotel operations and grow your business.

menu-icon-hotel-flow

Hotels

Digital solutions for independent hoteliers.
menu-icon-apart-flow

Apartments

All in one software for an efficient operation.
menu-icon-hostel-flow

Hostels

Give a life-time guest experience.

One software. Endless Possibilities.

Adopt the best in hotel technology with the help of SabeeApp.

icon-cloud-page
Automation

Automates repetitive daily tasks.

icon-food-delivery
Guest Journey

Deliver an outstanding guest experience.

icon-credit-card
SabeePay for your hotel

Multichannel payment solutions.

icon-calendar
Housekeeping

The best partner for your cleaning team.

Subscribe to our Newsletter
Get the latest product and industry updates from the past 30 days and be the first to know about our latest developments.

Security & Compliance

Native cloud-based service

SabeeApp has been developed to be cloud-based, which has many positive aspects. All you need is an internet connection, a web browser, and an active SabeeApp Account. SabeeApp can not be installed on a computer, so certain functions and services work differently from old on-premise software. 

The SabeeApp program does not run on a physical server but on AWS (Amazon Web Services) cloud infrastructure, which is a SAAS (Software as a Service) platform detailed below.

SabeeApp uses a so-called shared database and code base, or in other words; it facilitates a multi-tenant infrastructure. This means that more customers are connected to one database. We are using a shared database and a code base and all of our customers are using this code base or this type of installation. One of the main advantages of this is that every customer is using the most up to date version of the software. Of course, this does not mean that due to this structure, the security is being compromised at all. We also use different user permissions in SabeeApp, and in a shared multi-tenant system, a customer can be identified as a different user account. 

Infrastructure

SabeeApp software is facilitated by the cloud system of AWS (Amazon Web Services) in their Amazon data centre in Ireland. All services used by AWS are based on multi-zones, so if one zone is out of order, the rest of the system can overtake it.

  • Route53
  • WAF (Web Application Firewall)
  • S3 (Simple Storage Service)
  • ALB (Application Load Balancer)
  • VPC (Virtual Private Network)
  • RDS (Relational Database Service)
  • ElastiCache
  • Elasticsearch Service
  • CloudWatch (monitoring, alarming)
  • KMS (Key Management Service)
  • Certificate Manager
  • OpsWorks
  • CodeCommit

Third-party service providers

  • Beanstalk (svn, git) - Source code sharing
  • Github - Source code sharing
  • Google Analytics - for analysis purposes
  • Twillio - Text message provider
  • Mandrillapp, Mailchimp - emailing service
  • Technical stack (dev, test, prod)

At SabeeApp, we use the following programming language: PHP, Javascript, and Bootstrap, and we have the following development stages: 

  • Development  - development stage, not available externally
  • Test - testing stage, available externally only for SabeeApp internal use
  • Production - live stage

Database security, data security, disaster recovery

As it is a cloud-based system, data loss can occur if the fault or problem is related to the database or the file system where PDFs or other documents are stored. 

The following protocols, and solutions are in place in order to minimize the risk of data loss:

    • Real-life data is stored in multiple databases due to continuously replicated database
    • Every night a security copy is made, which can be restored in minutes, from which we store the last 9 copies.
    • Between the RDS and EC2 machines the communication is through an encrypted channel.
    • The database can only be reached from the internal system, or through the SSH system by connecting to the main server.
    • Sensitive data in the database is stored with different encryption, for example, credit cards with 2-key encryption and passwords with salted SHA-512 encryption
  • The database is divided into three zones, and if one zone is out of order, another zone will take over automatically.

 

Incident management procedure

At SabeeApp, every incident is solved by following a strict protocol and then documented. This protocol is available for every SabeeApp employee for internal use. 

We use the following processes in case of an incident: 


  • Identifying the problem
  • Communicating the problem to the whole SabeeApp Team
  • Naming the incident coordinator, if necessary
  • Communicating the problem to the customer in case the incident is related to a customer
  • Eliminating the problem
  • Avoiding the re-occurrence of the problem (if necessary, check and change protocol)
  • Recovering data and source code if needed
  • Making scripts and running them in case replacement / modification of data is needed
  • Informing technical partners if necessary
  • Informing customers about solving the incident
  • Documenting the incident
  • Infrastructure security (amazon security measures, pentest, tl, MFA)
Infrastructure security

Due to the AWS cloud system administration, updating, and security issues of the servers are the responsibility of Amazon engineers. The attacking point is minimized as much as possible due to the big engineering and security team.

Login credentials to AWS are only given to colleagues for a good reason, and they are only allowed to use it with strict security measures ( using strict password and MFA)

With the help of a third party we are regularly doing black and grey box penetration tests in order to identify the system’s vulnerability. 

We are also regularly analyzing the code security and quality with the SonarQube tool.

All data traffic is encrypted with at least TLS 1.2 encryption and every data that we store is encrypted. 

All passwords stored by SabeeApp are hashed, we never store any password or secretive data as text.

Logging the performance of the internal system is based on multi level.

People security management

  • Every colleague’s employment contract contains information about data handling and agreement of secret-keeping duty. Every new colleague’s training includes data protection and security training.
  • Connectivity to AWS is only provided for a good reason and if it is necessary for work
  • Our engineers have reading rights only to our live database.
  • For internal use and where possible, we only use high security passwords managed by 1 Password, and we are using MFA identification where possible. 
  • Our colleagues regularly have security and data security training. 

Facility companies

SabeeApp group is facilitated by the following legal entities:

thePass Kft - Hungary, 1061 Budapest, Király utca 32

SabeeApp LTD - United Kingdom, Hova House, 1 Hova Villas, Brighton and Hove, BN3 3DH

Certifications

  • PCI - DSS Level1 AOC
  • NTAK certification
  • VIZA certification