Physically Separated Data
All the NinjaTable applications physically store the data in different databases on DBMS level. This eliminates the possibility of the data mixing up between different applications.
For different NinjaTable applications different connection strings to different databases on DBMS level are used. Every connection string owner has permission to access only his own database. This eliminates the possibility of hacking (i.e., viewing and modification of data) via another application.Access permission verification
When logging into the system, a user gets a unique access token which determines the user and all his privileges in the system.
All the operations with the application’s data and metadata are performed via the API calls. Before executing an operation every API checks the user’s access token. This token helps identify the user and his permissions. If the user doesn’t have permission to execute an operation the system generates an error message. This protects the data from being viewed or modified by other users.
As an additional precaution, the access token is verified before handling the request. This means that before the request is processed the system checks if the user is authorized. This operation is carried out for all API calls with the exception of the Login method. This ensures additional protection of the system from any request made by an unauthorized user. It is impossible to begin processing any requests without knowing any of the user credentials because in that case the system will not even begin to check permissions.Logging
All the users’ actions are logged. This allows to know which user has created a record or entered a number or a string and what data has been stored in a record before the modification.Backup
Every day NinjaTable makes backup copies of all paid applications to Amazon S3. This is one of the world’s best data cloud services which provides high-level security of your data. Once a week our team makes manual copies of all paid databases to a separate backup server. Once in several days we make full backup of the servers hosting the NinjaTable application.
This way the backups are stored on three separated physical servers:
1) Amazon S3 data centers
2) NinjaTable backup server
3) NinjaTable main server