Technical Descriptions
Tech behind the SaaS
Stockholm, 13 Sept 2023
Leasify's SaaS service "My Pages" is described here from a basic technical perspective. The document should be seen as a living document, as development progresses rapidly with new requirements and versions over time.
Remember that GDPR applies, including the PUB agreement, which is the basic agreement regulating data handling, security and requirements. This document in no way supersedes these agreements.
https://wiki.leasify.se/books/tech-security/chapter/general-terms-and-conditions
Hosting
Leasify manages operations itself, and the service is hosted in the Amazon Web Services (AWS) cloud environment in Stockholm / eu-north-1. We monitor, adjust, and manage our primary operating environment https://app.leasify.se.
All access is via encrypted SSH with logging and ongoing personal control.
The server environment and databases are located in eu-north-1 / Stockholm for the best response time and uptime.
Amazon's AWS (data center eu-north-1 / Stockholm) is also used for long-term storage of documents, OCR scanning, and AI services with programmatic access for the highest control and logging.
Security and Backup
All services Leasify uses have 2-factor authentication turned on.
Traffic to the operations servers goes via Cloudflare and a WAF so that unauthorized traffic can be blocked quickly if necessary.
As an option, we will require either BankID or the 2FA option for all Leasify users in the system.
Backups are taken continuously (3 times a day) with rotation, and restoration is possible for 6 months according to a specific schedule. A total backup restore is handled manually upon request.
Access logging takes place on an ongoing basis, partly at the web servers but also for the work steps that take place in the application, such as contract changes and report extraction.
Operational monitoring is available from outside via https://status.leasify.se/
Continuous Delivery
All code is versioned and set up with continuous delivery (CI) via tests across version notations. We minimize interruptions during deliveries and thus have no specific time windows for taking down the service during upgrades.
If longer interruptions are required, notice will be sent out well in advance. These major upgrades are usually made outside Swedish office hours, more specifically before 07:00 and after 17:00 (Stockholm, GMT+1).
Development Methods
The development takes place according to Scrum with 3-week sprints with delivery schedule and demo as well as retro. We use tools for all development with epics, boards, burndown reports and documentation.
Developed functions are demonstrated via "What's new" in the application which comes as notifications for all users.
Integrations
We communicate with various services for interest rates, rates and financial data. Examples of these are Banksignering, Riksbanken, Fixer/Morningstar. A full third-party service list can be acquired if needed.
The service today offers limited integration in the form of certain data over CSV and DTO.
We are happy to see future partners for integrations with our service. We have a very malleable platform with possibilities for communications over REST API with the desired services.
Language Localization
The SaaS application is primarily developed in Swedish and support is available for English.
The application language for user selection has support for sv, en, da, nb, fi, lt, lv, ee and can be extended upon request.
Development Roadmap
The following development points are currently in focus:
- Extended AI-chat support as a complement to the wiki.
- Wiki about all functions of the service.
- External integrations with partners and other systems.
- Procurement and financial requests.
Technical Contact
For further information, questions and requests regarding this information, the easiest way is to contact:
Andreas Ek, CTO, +46703032203, andreas.ek[a]leasify.se.
Single Sign On
What is Single Sign On?
Single Sign On (SSO) is a function for easier login and authorization control via a third party.
Often, companies already have a centralized management of accounts that is controlled continuously.
It is also convenient as a user not to have to remember yet another password for the next service.
Above all, this raises the minimum level for security in external applications.
How can we get SSO?
Activate the "Single Sign On" module under company settings. You can test it for free for 10 days.
Go to company settings and "Change information". There, after activation, there will be a "Single Sign On" tab.
Select Azure and save, try logging out and then logging in again via SSO.
If it works well, activate "Require from all"; email login to "My Pages" at Leasify will then no longer be possible for your company.
Future upgrades?
The following development plan applies to SSO, which will arrive shortly:
- Auto-create accounts according to domain specification.
- Customer-specific AAD providers.
- Google Apps as provider.
- LinkedIn as provider.
- Automatic connection from AAD groups to Leasify groups.
Wishes
If you have requests or feedback regarding SSO, please contact Andreas Ek, andreas.ek[a]leasify.se, +46703032203!