Bookings ONE data flow
Bookings ONE are powerful as smart office system and able to integrate with various 3rd-party integration and interfaces, data protection within integration is one of the most important part we highly concern. The following diagram shows how Bookings ONE handle and protect your data from unexpected external exposure .
Data flow diagram
1. File Hosting
This is used for hosting the static files and generate the user interface, including html, script, style, images files, etc. These will be used to generate the user interface for user, such as User App, Management Console, Visitor App and Outlook Add-in.
Those files are fixed and static for all user, and will NOT contain any user / booking data.
2. Internal API
These API are provided for user to retrieve the data from Bookings ONE server and the user interface will render based on the retrieved data. These API are well protected by user authentication, which only logged-in user can access these APIs.
In addition, API access will also be limited based on individual user identity and permissions. This means that API with advanced function access will not be accessible by basic user even they have logged into the system.
3. SSO Interface
These interface are used for getting the external user authorization information to Bookings ONE based on pre-configured settings. Once the SSO interface receive the information, it will verify if it is an valid data for Bookings ONE. If the verification success, system will transfer the data to Bookings ONE with user authentication and further action will be handled by Internal API.
4. Player APIs
These APIs are provided for the Bookings ONE Players (including Room display, desk display, check-in Kiosk, etc...) to show the related information. These API are protected by player security policy, which only Bookings ONE's official players can access to these APIs.
5. External APIs
External APIs are the APIs made for third party application, which allow them to access data from Bookings ONE, or upload data to Bookings ONE such as IoT Sensor data. These API are closed by default, and will only be enable based on administrator configuration. For detail please refer to External APIs
6. Synchronization Jobs
Bookings ONE has integration with multiple user directory and calendar service, such as active directory and Microsoft Office. These jobs are integrated with the interfaces based on external security policy. Bookings ONE only collects user data / calendar data.
For more information, please refer to following pages:
7. Notification Jobs
Bookings ONE pushes the notification and information data to user through common services, e.g. SMTP email server, web push notification and mobile pass. Only visible data will be sent out.
For more information, please refer to following pages:
8. Media IO / System Logging IO
Bookings ONE will save the user uploaded media file / system logging file to the file storage. Currently Bookings ONE support multiple type of file storage. The file storage configuration will be based on customer installation setting of Bookings ONE server.
9. ORM
Bookings ONE will save all data to the database through ORM. No data will be kept within the Bookings ONE application. The protection and backup for database are important for data security.
For more information, please refer to Data backup.