Developer HubGitHubContact Us
Search…
Welcome!
Olive Helps
Platform
Security / IT
Loop Development Kit
Your First Loop
Troubleshooting
Loop Security
Permissions
Environment Permissions
Loop Publication
Loop Development FAQ
Examples
Documentation
Interfaces
Type Aliases
Enumerations
Whisper Components
Base Attributes
Button
Link
Markdown
Section Title
APTITUDES
What are Aptitudes?
Browser
Clipboard
Cursor
Document
Filesystem
Keyboard
Network
Process
Screen
Search
System
UI
User
Vault
Whisper
Window
Release Notes
What's New
Archive
Powered By GitBook
Loop Security
Your security is important to us!

Loop Sandboxing

All Loops, whether built by Olive or by third parties, are executed in isolated runtime environments. Each Loop runs in its own sandbox: This allows Olive Helps to create device, file, network, and process isolation. In the case of network isolation, each Loop is set to have no network access by default. If the Loop needs access to a specific API for example, then the Loop Author must declare that they need network permission and which domain they plan to access. When a user adds a Loop from the Library, they can see exactly what a Loop is asking to do.
Every network call will come through the Olive Helps ecosystem: https-only traffic is enforced, and access restricted to the domains declared by the Loop Author. Olive also monitors and logs domain access and frequency by every Loop. All activities that Loops do (read a file, make a network request, etc) cannot bypass the Olive Helps ecosystem, ensuring peace of mind.

Loop Signing

All Loops are signed by both the Loop Author and by Olive to ensure the authenticity of the Loops throughout their lifecycle.

Third-party / Partner Loops

Olive Helps is a platform: One that is most powerful when third-parties contribute their expertise and services in the form of Loops. We understand the importance of security in healthcare - there are processes in place to make sure Loops meet our requirements before ever becoming public.
No Loop is made public in the Loop Library without first being reviewed by the Olive team. The Olive team verifies adherence to security practices and user experience guidelines. We also asses vulnerability through threat modeling, as well as review data flow and asset classification.
If a Loop uses third-party APIs, data will be transferred securely from a user’s desktop to the API using HTTPS enforced by Olive Helps at all times, ensuring encryption at rest and in transit.
Some Loops in the Library may install content via binary files on a user’s local machine - these will not make calls out to any services. A majority of these Loops request the most updated content from a provisioned source. For instance, a NPI lookup might trigger a Loop that makes a call out to a provider dictionary which is maintained as a central service by Olive.
Loop Development Kit - Previous
Troubleshooting
Next
Permissions
Last modified 6d ago
Copy link
Contents
Loop Sandboxing
Loop Signing
Third-party / Partner Loops