Documentation

No results
    gitHub

    Security-first browser deployment

    Important notes: 

    1) the browser deployment is currently only available for the Community Edition.  Other editions to follow.

    2) our browser deployment currently supports the latest versions of Chrome, Edge, Brave, Firefox browsers and Safari.  

    3) some features have a graceful degradation of the user experience due to limitations imposed by the browser.  For example Brave, Firefox, and Safari do not support the File System Access API, and as a result, the action to save a model is implemented as the download of a new copy.  For the best user experience, you should use Chrome or Edge.

    3) native features of the application may be restricted due to each browser's own restrictions.  User experience may be degraded as a result, typically for legitimate security reasons.

     

    Obviously, this requires no download or installation.  Just go to https://studio.hackolade.com from your favorite browser and start your data modeling work.  No sign-up necessary, or complex user management. 

     

    Hackolade Studio has traditionally been available as an offline desktop application for Windows, Mac, and Linux.  Starting with v7.0.0, it is now also available as a cross-browser serveless web app which can open data models from and save them to your local environment.  All from the same code base, meaning that, as we add weekly enhancements and new features, they are deployed automatically to the offline desktop and the online browser.  The latest version is exactly the same for the browser deployment and all desktop operating systems.

     

    This serverless setup gives you full control of the residency for your data models, while leveraging the benefits of an online application.  In other words, the Hackolade Studio online application runs without any kind of backend system or database.  We only host the application itself on a Content Delivery Network like Azure Front Door or AWS CloudFront, while you continue to maintain your data models locally, as you would do with the offline desktop deployment of Hackolade Studio.

     

    The main benefits of this setup are that you remain in complete control of your data while always running the latest version of Hackolade Studio without having to install and deploy the software.  

     

    Desktop and Browser architecture

     

    Security-first, bring-your-own-storage approach

    Hackolade Studio is a unique security-first data modeling tool in that we provide the application platform, but your data model only lives in your browser on your local device while you are working on it.  Upon saving, your data model is stored at the location of your choice: on your local device, on a shared internal network drive, or in a locally-cloned Git repository. Your data model is never sent to us, even when you save your data model or perform operations with it.

     

    Even if you export to JSON Schema or print the ER diagram, your data model never leaves your network and is never sent to any server of ours (which we don't have anyway...)

     

    The added advantage is that we don't create yet another silo for your data models.  You keep on storing them wherever is makes the most sense to you.  The fact that you run the latest version of the software in a browser does not affect the location of your data models. 

     

    We are fully committed to data security and privacy

    Because your sensitive data model does not leave your infrastructure and is never stored on our servers, Hackolade Studio is a tool which lets you comply with data protection certifications (ISO 27000, 27001 and 27002) and GDPR: 

    - we do not track your use of the https://studio.hackolade.com website  - there are no cookies, advertisements, analytics, browser fingerprinting or tracking beacons;

    - we don’t track your use of the Hackolade Studio applications, whether online in the browser, or desktop;

    - Hackolade Studio does not allow your data models to be stored on our servers.

     

    The serverless architecture addresses any security or confidentiality concern users might have with a SaaS platform.  Many Software-as-a-Service solutions host not only the software but also your data, sometimes with certification programs such as ISO 27001 or SOC 2.  While security concerns are legitimate for full SaaS solutions, they are simply not applicable in the case of the browser deployment of Hackolade Studio, as we never collect or store any of your data or data models.  We also do not collect any telemetry.  Nothing.

     

    If you still have any doubts, we suggest this easy test: first load the application in your browser at https://studio.hackolade.com, then disconnect entirely from the Internet.  You will see that you can continue to use the Hackolade Studio editor in your browser, then save your data model, or work on a previously saved model present on your local drive.  You may also use a network traffic sniffer/analyzer to validate this claim.

     

    The secure cloud CDN architecture takes a zero-trust approach to protect against automated bots, injection attacks and application-layer denial-of-service attacks.

     

    Offline and secure data modeling with the desktop application

    If you want to perform data modeling in a totally secure and offline environment, download and install Hackolade Studio Desktop. This stand-alone desktop application is available for Windows, MacOS, and Linux.

     

    Do you need to obfuscate your data models before you share them?

    Use the File > Save Obfuscated As... function to overwrite all texts so you can safely share sensitive ER Diagrams and structures with clients or partners without fear of breaching non-disclosure clauses or the GDPR.  This can be particularly useful to help Hackolade support troubleshoot issues you might encounter.

     

    Always run the latest and greatest version of Hackolade Studio

    Given the weekly frequency of our new version releases bringing continuous enhancements, some organizations have been challenged to keep up.  It can be hard sometimes to get the IT department to validate a new version, create an image, and deploy it to a large number of users.  With the browser deployment of Hackolade Studio, there is no effort to always have access to the latest feature enhancements.

     

    The question is sometimes asked whether the browser deployment of Hackolade Studio could be run on an internal server in your organization.  While it would technically be possible, we do not offer this possibility.  The reasons are: 

    - it would remove the main benefit of this architecture, i.e. that you would always access the latest version of the application.  We'd be back in the situation where you'd be dependent on your IT Department's validation, installation and deployment of each new version of our software;

    - it would require to support a server-based product, which is an entirely different business model.

     

    Browser deployment architecture

    For those interested in the inner workings, the browser deployment of Hackolade Studio runs the exact same code base as the offline desktop application.  The offline desktop deployment of Hackolade Studio was written from day 1 in ReactJS and packaged as a desktop application with Electron, the framework developed and maintained by GitHub.  Electron runs the application code in the Chromium browser engine, which also powers the Chrome web browser.  The browser deployment of Hackolade Studio is just a different packaging of the same code as the offline deployment, so you can now access the same functionality in a more convenient manner.

     

    Azure Front Door and AWS CloudFront deliver our static application content to you from the edge location closest to you in terms of latency.  Processing takes place in your browser and never leaves your network.  No data or telemetry is being collected from the processing of your data models. Your data models are persisted locally and never leave your network.  There is no data in transit, and if you're using the Workgroup features, all commits, pulls, pushes, change requests, branch merges, etc. take place locally and never across the public network.

     

     

    Browser - Azure FrontDoor CDN network