πŸ”Security and Compliance

Backed by Google

Introduction

Overbookd is committed to providing secure and reliable services to our customers. As a provider of calendar and cost insights, we recognize the importance of data security and take all necessary measures to ensure that our users’ data is protected from unauthorized access, misuse, or loss. This security document outlines the security measures we have implemented to safeguard the data of our users.

Google Workspace Marketplace Review

Overbookd has completed and passed the Google Workspace Marketplace terms and policy review process. This process ensures that our application meets the security and privacy standards set by Google. Our product has been reviewed and tested by Google to ensure that it meets the highest standards of data security, data privacy, and data protection.

The details of this review are detailed in Googles Workspace Terms and Policies and Google Workspace Marketplace Developer Agreement

Encryption

All calendar event and authorization data for all users in Overbookd is first hashed and then encrypted to ensure the highest level of security. We use Advanced Encryption Standard (AES) as our encryption standard to protect all users' data that is stored in Google Cloud Storage. AES is a widely accepted and widely used encryption algorithm that provides strong encryption for sensitive data.

Encryption Key Management

We follow industry best practices for key management and ensure that encryption keys are stored securely and that access to them is strictly controlled. The encryption keys are only accessible to authorized personnel and are stored in a secure, tamper-proof environment.

Data Storage

Overbookd uses Google Cloud Firestore as its data storage solution. Firestore is a fully managed NoSQL document database that provides scalability, flexibility, and automatic replication to ensure high availability and durability of data. It offers robust data security features, including encryption at rest and in transit, fine-grained access control, and audit logging, which help protect against unauthorized access, data breaches, and other security threats.

One of the key security benefits of Firestore is its granular access control, which allows businesses to define roles and permissions for users and groups to ensure that only authorized users can access specific data. This feature helps businesses comply with regulatory requirements and mitigate the risk of data breaches and cyber attacks.

Authentication

To ensure the security of user data and prevent unauthorized access, Overbookd uses Google OAuth for user authentication.

Google OAuth is a secure and reliable authentication protocol that allows users to grant third-party applications access to their Google account without sharing their login credentials. It uses industry-standard encryption techniques to protect user credentials and prevent them from being intercepted or stolen.

When users sign up for an Overbookd account, they are redirected to Google's authentication page, where they are prompted to enter their Google account credentials. Once they authenticate, Google generates a unique access token that allows Overbookd to access their Google account information, such as their name and email address.

Using Google OAuth for authentication ensures that only authorized users can access their Overbookd account and that their login credentials are kept secure. It also allows users to maintain control over their data and revoke access at any time.

Overall, Google OAuth provides a secure and reliable authentication mechanism that helps protect user data and prevent unauthorized access. By using Google OAuth for user authentication, Overbookd ensures that user data is protected at all times and that users

Last updated