It's a nightmare for many companies and enterprise technical departments to run the required apps separately, keep up with the maintenance, auditing logs and manage their updates. Especially the ones with low IT resources or complex structure.

It's not resources-effective approach neither secure. Despite it requires a dedicated team of DevOps to keep up, It is also a challenge for company identity management, access management and compliance.

Here it comes Sandstorm, An open-source solution that is designed specifically to resolve these issue and boost enterprise, developers, DevOps and  individuals productivity. In this article we will guide you through this amazing application, explaining how it works, listing its features and the best use-cases for it.

What's Sandstorm?

Sandstorm is an open-source solution for running self-hosted web applications within the same platform. It only requires one login from the user to access all applications and features advanced identity and permission management system for users.

Installing application on Sandstorm requires only few clicks, which minimize the time-waste of setup, configuration and managing the apps. It also features automatic updates for these applications without the need to bother the user or the DevOps with backups.

Sandstorm is a feature-rich system that can runs seamlessly on all enterprise and community-powered Linux distributions. Overall, it has dozens of applications that promote the productivity for the enterprise, communities and individuals. It's also the perfect fit for small and medium-size companies.

Soon as Sandstorm is installed, the user can start installing about 70 self-hosted web applications in several categories: communication and messaging, project management, task management, document editing, file sharing and more.

Sandstorm is the ultimate collaborative, secure  and developer-friendly platform for all sort of enterprises, especially the ones that prefers open-source solutions.

In Medevel.com, We like Sandstorm, not just because its productivity or security features or the wide range of apps we can install and use, but also because it save us a lot of time with minimal server work.

DevTools

Unfortunately, there is no  enough medical or healthcare applications on its store, otherwise we would recommend it for healthcare facilities and our enterprise healthcare clients.

The core problems Sandstorm solves are:

  1. Application security: It sandboxes the applications which ensures protection from application bugs.
  2. Unified identity and access management system (IAM): with one account, the user can access all the applications.
  3. Usability features across all applications (e.g. search)
  4. Dozens of enterprise ready applications
  5. Multiple deployment options: Cloud and on-premise installation
  6. Enterprise-ready features: LDAP, SAML and Active Directory integration, Log auditing, automatic encryption and enterprise structure integration
  7. The organization is free to choose where to store the data
  8. Development boilerplate: Sandstorm approaches the problem with unique methods as it offers core component for authentication, backups, encryption and common tools. So, developers can focus on development not server works.

Overall, It's easy to install, manage, maintain and update.

Sandstorm's users

Sandstorm is created for enterprises, small and medium size companies, communities and freelance individuals who have productive workflow.  

It's also focuses on developers who want a solid platform to build or integrate their applications, as the developers can sandbox their apps and take an advantage of the identity and access management system as well as global application usability features.

Use-cases

  1. Creative agencies
  2. Software development agencies
  3. Developer communities
  4. Schools
  5. Universities
  6. Legal
  7. Finance
  8. Healthcare
  9. Research facilities
  10. Film industry

Bonus: Creative community can use it to communicate, organize projects, file sharing and document editing.

How does Sandstorm work?

Sandstorm uses Grains a fine-grained object container to run applications, which isolate or sandbox the applications in containers. Furthermore, its user management system and access control functionalities work directly with each container.

This approach is easy for developers because it's less complex and less boilerplate. Sandstorm functionalities as search and data access can work with the data cross all containers without the need for custom hacks.

Sandstorm with its service oriented structure promote scalability and low running cost. Overall, It provides enhanced security measure for all grained applications.

Basically, Sandstorm is a container-based platform to run self-hosted web applications. It handles and manages: login, access, security, search, application management and auditing.

Features

  1. Rich ecosystem
  2. Single sing-on
  3. Unified identity and access control
  4. Protection against application bugs
  5. Sandboxing applications
  6. Access auditing
  7. Automatic update
  8. Tabbed UI
  9. Desktop and browser notification
  10. Backup
  11. Cross application mention
  12. Search across all application
  13. Google, Twitter and GitHub sign-up and login
  14. Easy to install
  15. Log auditing
  16. Advanced sandbox management (grain management)
  17. Compliance tool ready
  18. Secure
  19. Ready to scale
  20. Rich developer tool set

Why should enterprise consider using Sandstorm?

Sandstorm offers all-in-one platform that install, run, maintain and automatically update dozens of applications. It has a built-in IAM system that plays well with all integrated applications, so the user needs only one account for single sign-on.

It's free open-source system, enterprises can clone it, install it on their private cloud or on-premise.

Here is why:

  1. All application in one place
  2. Installing apps with one click
  3. LDAP, SAML and Active Directory support
  4. Global access control
  5. Global auditing logging system
  6. Automatic encryption
  7. Multiple deployment option
  8. Developer tools to build and integrate apps.
  9. Powerful community support
  10. Ready to scale
  11. Fine-grained encryption

Sandstorm Application Store

Here are some of the best application included in Sandstorm store:

  1. Rocket.Chat: Real-time messaging system, an open-source alternative to Slack
  2. SendChat: A powerful minimal chat app for teams
  3. Simple Chat: Yet another chat application
  4. Roundcube: Web-based email client
  5. Hugo: Static website generator
  6. ShareLaTeX: Web-based open-source LaTeX editor for teams
  7. Davros: File sharing and collaboration platform
  8. DokuWiki: A simple powerful wiki-engine.
  9. Wekan: Kanban board manager for productive people and remote teams
  10. Wordpress: blogging platform
  11. Etherpad: collaborative document editor. Read more.
  12. Swagger Editor: REST-API test environment for developers
  13. PIWIK: Web Analytics Platform
  14. FileDrop: A simple file sharing utilities for designers, developers and teams
  15. Ghost blog: An open-source blogging platform
  16. Brainstorm: Advanced note-taking self-hosted solution
  17. Dillinger: Markdown editor
  18. Contact Otter: A personal self-hosted CRM solution.

HIPAA and GDPR Compliance with Sandstorm

One of our primary focus on Medevel.com is HIPAA compliance with open-source solutions for our customers. It's difficult to find a proper open-source solution that comply with HIPAA out of the box.  With Sandstorm, we found it the best solution for enterprise which require HIPAA complaint platform.

Sandstorm has an advanced access control policy and auditing systems. It enforces the rules uniformly across all applications.

The same goes for GDPR, with Sandstorm unified identity and access management as well as auditing functionalities, enterprises can customize more features to make it GDPR compliant.

Install Sandstorm

To install Sandstorm you will have two options: Install it from HTTPS-verified install or PGP-verified install, You can also find a detailed instruction on how to install it on Amazon Web Services (AWS).

curl https://install.sandstorm.io | bash
Install Sandstorm from HTTPS-verified install

If you want to install it on a private cloud like DigitalOcean, You can install it following these instructions.

Enterprise Sandstorm Setup

To get an enterprise Sandstorm setup that includes a single sign-on with full email/LDAP/SAML support as well as automatic user provisioning, You will have to get Sandstorm work setup for $15/ user a month.  It may look expensive, but NGOs non-profit organizations can get special pricing and discounts.

Also, enterprise developers can extend these features on their own without the need to subscribe to such service.

Free custom domain name from Sandcats.io

Sandcats.io is a free dynamic DNS service from Sandstorm's core team. It offers a dynamic subdomain for any Sandstorm install which will be a useful shortcut for business like: YOURNAME.sandcats.io.

With valid HTTPs certificate, the use does not have to worry about setting up his certificate.

Further readings

  1. Sandstorm Official Website: https://sandstorm.io/
  2. App Store: https://apps.sandstorm.io/
  3. GitHub: https://github.com/sandstorm-io/sandstorm
  4. How it works: https://sandstorm.io/how-it-works
  5. GDPR Open-source Software