Security-first browser deployment
Important notes:
1) the browser deployment is currently available for the Community Edition, and the Read-Only Viewer Edition. The Community edition does not require a license key. Other editions do require a license key.
2) our browser deployment currently supports the latest versions of Chrome, Edge, Brave, Firefox browsers and Safari.
3) some features have a graceful degradation of the user experience due to limitations imposed by the browser. For example Brave, Firefox, and Safari do not support the File System Access API, and as a result, the action to save a model is implemented as the download of a new copy. For the best user experience, you should use Chrome or Edge.
3) some native features of the application may be restricted due to each browser's own restrictions, or due to W3C security standards. User experience may be degraded as a result, typically for legitimate security reasons. In some cases, the only possible alternative is to use the desktop deployment. We are closely monitoring evolution of standards that would allow us to enable more desktop features in the browser, such as Isolated Web Apps or Direct Sockets. If and when such evolutions would be released in standard browser versions, we will make sure to leverage them.
Obviously, this requires no download or installation. Just go to https://studio.hackolade.com from your favorite browser and start your data modeling work. No sign-up necessary, or complex user management.
Hackolade Studio has traditionally been available as an offline desktop application for Windows, Mac, and Linux. Starting with v7.0.0, it is now also available as a cross-browser serveless web app which can open data models from and save them to your local environment. All from the same code base, meaning that, as we add weekly enhancements and new features, they are deployed automatically to the offline desktop and the online browser. The latest version is exactly the same for the browser deployment and all desktop operating systems.
This serverless setup gives you full control of the residency for your data models, while leveraging the benefits of an online application. In other words, the Hackolade Studio online application runs without any kind of backend system or database. We only host the application itself on a Content Delivery Network like Azure Front Door or AWS CloudFront, while you continue to maintain your data models locally, as you would do with the offline desktop deployment of Hackolade Studio.
The main benefits of this setup are that you remain in complete control of your data while always running the latest version of Hackolade Studio without having to install and deploy the software.
Security-first, bring-your-own-storage approach
Hackolade Studio is a unique security-first data modeling tool in that we provide the application platform, but your data model only lives in your browser on your local device while you are working on it. Upon saving, your data model is stored at the location of your choice: on your local device, on a shared internal network drive, or in a locally-cloned Git repository. Your data model is never sent to us, even when you save your data model or perform operations with it.
Even if you export to JSON Schema or print the ER diagram, your data model never leaves your network and is never sent to any server of ours (which we don't have anyway...)
The added advantage is that we don't create yet another silo for your data models. You keep on storing them wherever is makes the most sense to you. The fact that you run the latest version of the software in a browser does not affect the location of your data models.
We are fully committed to data security and privacy
Because your sensitive data model does not leave your infrastructure and is never stored on our servers, Hackolade Studio is a tool which lets you comply with data protection certifications (ISO 27000, 27001 and 27002) and GDPR:
- we do not track your use of the https://studio.hackolade.com website - there are no cookies, no advertisements, no analytics, no browser fingerprinting, and no tracking beacons;
- we don’t track your use of the Hackolade Studio applications, whether online in the browser, or desktop;
- Hackolade Studio does not allow your data models to be stored on our servers.
The serverless architecture addresses any security or confidentiality concern users might have with a SaaS platform. Many Software-as-a-Service solutions host not only the software but also your data, sometimes with certification programs such as ISO 27001 or SOC 2. While security concerns are legitimate for full SaaS solutions, they are simply not applicable in the case of the browser deployment of Hackolade Studio, as we never collect or store any of your data or data models. We also do not collect any telemetry. Nothing.
If you still have any doubts, we suggest this easy test: first load the application in your browser at https://studio.hackolade.com, then disconnect entirely from the Internet. You will see that you can continue to use the Hackolade Studio editor in your browser, then save your data model, or work on a previously saved model present on your local drive. You may also use a network traffic sniffer/analyzer to validate this claim.
The secure cloud CDN architecture takes a zero-trust approach to protect against automated bots, injection attacks and application-layer denial-of-service attacks.
Offline and secure data modeling with the desktop application
If you want to perform data modeling in a totally secure and offline environment, download and install Hackolade Studio Desktop. This stand-alone desktop application is available for Windows, MacOS, and Linux.
Do you need to obfuscate your data models before you share them?
Use the File > Save Obfuscated As... function to overwrite all texts so you can safely share sensitive ER Diagrams and structures with clients or partners without fear of breaching non-disclosure clauses or the GDPR. This can be particularly useful to help Hackolade support troubleshoot issues you might encounter.
Always run the latest and greatest version of Hackolade Studio
Given the weekly frequency of our new version releases bringing continuous enhancements, some organizations have been challenged to keep up. It can be hard sometimes to get the IT department to validate a new version, create an image, and deploy it to a large number of users. With the browser deployment of Hackolade Studio, there is no effort to always have access to the latest feature enhancements.
The question is sometimes asked whether the browser deployment of Hackolade Studio could be run on an internal server in your organization. While it would technically be possible, we do not offer this possibility. The reasons are:
- it would remove the main benefit of this architecture, i.e. that you would always access the latest version of the application. We'd be back in the situation where you'd be dependent on your IT Department's validation, installation and deployment of each new version of our software;
- it would require to support a server-based product, which is an entirely different business model.
Browser deployment architecture
For those interested in the inner workings, the browser deployment of Hackolade Studio runs the exact same code base as the offline desktop application. The offline desktop deployment of Hackolade Studio was written from day 1 in ReactJS and packaged as a desktop application with Electron, the framework developed and maintained by GitHub. Electron runs the application code in the Chromium browser engine, which also powers the Chrome web browser. The browser deployment of Hackolade Studio is just a different packaging of the same code as the offline deployment, so you can now access the same functionality in a more convenient manner.
Azure Front Door and AWS CloudFront deliver our static application content to you from the edge location closest to you in terms of latency. Processing takes place in your browser and never leaves your network. No data or telemetry is being collected from the processing of your data models. Your data models are persisted locally and never leave your network. There is no data in transit, and if you're using the Workgroup features, all commits, pulls, pushes, change requests, branch merges, etc. take place locally and never across the public network.
WAF and DDoS protections are enabled using the respective capabilities of Azure Front Door and AWS CloudFront.
Configure your browser to enable site data
It is also better to use your browser in its standard mode, i.e. NOT in a guest, private, or incognito tab. While we don't use cookies, we do leverage some features of what's called "site data" capabilities in your browser. Adjusting your browser settings to enable site data for Hackolade Studio Browser ensures that your settings are preserved, even after reloading the application or starting a new session in a new tab. This includes:
- Application options
- License key information, if applicable
Whether you're using Chrome, Edge, Brave, Firefox, or Safari, enabling site data is a simple yet effective step towards enhancing your user experience with Hackolade Studio Browser.
Google Chrome
In the address bar, type chrome://settings/content/siteData
You have the option to enable site data universally or solely for selected websites. Should you prefer the latter, make sure to add the URL https://studio.hackolade.com to the list of sites allowed to store data on your devices.
Reload the application for the changes to take effect
Microsoft Edge
In the address bar, type edge://settings/content/cookies
You have the option to enable site data universally or solely for selected websites. Should you prefer the latter, make sure to add the URL https://studio.hackolade.com to the list of sites allowed to store data on your devices.
Reload the application for the changes to take effect.
Brave
Click on the Brave icon located in the address bar.
Select "Allow all cookies" or "Block cross-site cookies" from the menu. Brave automatically reloads the application, applying the new privacy settings.
Mozilla Firefox
In the address bar, type about:preferences#privacy
In the "Cookies and Site Data" section, click on "Manage Exceptions."
Make sure to add the https://studio.hackolade.com to the list of sites allowed to store data on your devices.
Reload the application for the changes to take effect
Safari
Go to Safari > Settings > Privacy > Advanced settings.
Disable the "Block all cookies" option.
Reload the application for the settings to take effect.