Security

security2

Infrastructure Hosting Environment
Our primary hosting facility is located in Michigan. It is a tier-one hosting facility that offers strict access controls (biometric and card swipe access systems) to individual areas of the hosting facility, providing for separation of areas, video monitoring of hosting environments, HVAC, redundant power and natural gas backup generators, FM-200 non-flammable fire suppression system, 24/7 security monitoring, and redundant high-speed network connectivity. The site is fully replicated in Chicago, which is also a tier-one facility, located on a completely different power grid than our primary facility for maximum uptime.

Network Infrastructure Security
All servers are hosted behind enterprise-grade firewalls that control access by protocol to each server. Each server has specific rules in the firewall that only allows permitted protocols to access each server, such as HTTP or HTTPS for web servers, etc. Furthermore, application and database servers are separated from web servers into a separate demilitarized zone (DMZ), and are not visible to the public internet on any protocol level. Multiple web servers are connected across the DMZ to the application servers via the firewall. The application servers and database servers are on the same private network and are not accessible from the public internet.

Business Continuity
All server platforms are backed up to a “disk-to-disk” backup appliance on a regular basis. Off-site backup is provided by replication to a secondary facility. Failover is provided by standby systems in a secondary hosting facility. Database log-shipping between primary database services and the secondary facility provides near-transactional recoverability in the case of catastrophic failure of the primary facility. Recovery of primary systems to secondary facility is tested twice a year.

IT administration has secure VPN access (as described in “Administrative Access” to all necessary systems from any location on the internet, providing for wide availability of system administration regardless of geographically specific outages. Servers critical to operations in both facilities are individually backed up and maintained.