Making sure all our clients sleep well obviously does not end with a fully secure and operational data center. We have been delivering our services for long enough to know that information we are working with on daily basis for the past decade have to be handled with the utmost importance.
We are happy to say there has never been a breach or similar unpleasant situation. If we can expect it, we will prevent it. We would not be surprised if such a statement would not be enough for all our valued clients, though. You are more than welcome to explore what do we do in order to protect your data, privacy, and business overall.
The matter of security starts with users themselves. We are more than happy and capable of protecting your data, but we sure need you to cooperate on that. Knowledge and awareness are the key.
We would like to suggest taking following actions, even though most of the clients are well aware of them. Better safe than sorry.
- Set up individual login credentials for each user,
- Do not share passwords with anyone – especially not online,
- Follow a set of rules when setting up (or changing) your passwords:
- 11+ characters,
- change them (at least) once a year,
- do not „recycle“ old passwords,
- avoid using the same text as both username & password,
- make sure user’s account is deactivated after the person is suspended,
- generate a new password and an API key when you think the old one might be compromised,
- make sure users change their credentials themselves and do not use emails or chats for that.
Easy Software products come with the option of a mandatory change of users‘ passwords on regular basis (one of seven time periods to choose from). That obviously does not end there, though. We included the option to set the required length of users‘ passwords to accommodate our clients‘ needs.
It is not the only request we took into consideration. A 2-factor authentication system is soon to be supported as well in order to achieve an even higher level of security. LDAP & OpenID can be integrated for smoother access without any problems.
Having thousands of clients allowed us to monitor the overall usage of their storage space to make sure all clients will not suffer from the lack of megabytes. Clients are provided with 50GB of storage space for every application.
However, we want to make sure all clients are taken care of. If you need to keep saving files of larger sizes, do not hesitate to contact your Account Manager or send an email to email@example.com. Our team will always be happy to take over and make that happen.
Nobody can predict the unpredictable. We are no different from other companies in this, as we too have to accept the fact that problems can occur – no matter how low such a risk is. Data reach will be mentioned below but first there needs to be a process put in place that guarantees clients‘ data will never be deleted.
Working with data centers that are geographically distant from each other also allows us to make sure all backups are always stored in multiple locations. This works as a great prevention from natural disasters and represents yet another step towards making sure our hosting will never fail.
Backups are created every 2 hours for the first two days and once a day after. It is important to us to provide our clients the option to perform a rollback if requested, so those backups are saved for at least 2 months after being created.
Backups are encrypted both during the transfer and while stored on physical discs.
Everything is connected. The overall system is only as strong as its weakest link and we are well aware of it. All our backups and promises would not mean anything if we were not able to get our clients up and running in a short amount of time. Should any major problem occur, the database itself can be uploaded back within 15 minutes from the moment our server admins start the process. A separate upload of files is happening simultaneously as it is crucial to us to provide a working application as soon as possible. The time it takes to migrate all clients‘ files can take a few minutes longer as it largely depends on the total size. The migration of 10GB of files takes about 15 minutes.
99.9% long-term uptime has been achieved on regular basis.
Being able to replace a piece of hardware that malfunctioned in a quick manner is just as important as the rest when making sure clients‘ continuity is taken care of. Data is stored on a RAID 1 storage node mirroring on two discs. The application keeps running as long as there is at least one disc working.
We take an extra step, though, as we feel like there is never too many prevention measures. For every machine we have, there is another one to serve as a backup. Should any malfunction occur, the server is immediately backed-up by that one, while the former being replaced promptly.
Users‘ access to the application is limited by permissions set within the system. This part of our products is very complex, as it is a necessary part of a proper project management. Cross-site scripting (XSS) prevented where required, the rest is handled by mentioned permissions.
Any access to the application goes through a tunneling protocol (SSL) while the database is stored on an encrypted disc. SSH-2 encryption is used for the backup transfer.
Only HTTP and HTTPS accesses are allowed through our firewall system. Every HTTP request is immediately redirected to HTTPS as well.
Permanent support & maintenance
Clients hosted on our cloud receive numbers for our server hotline that is operational 24/7. However, we want to stress that this line serves for critical issues caused by our side. Calling this number for other purposes might result in losing the approval to use it.
It goes without saying that all applications are constantly monitored and immediate reports are generated in case of any issues. This allows us to resolve the majority of problems without even affecting the end user.
Such monitoring does not concern applications only. All hardware is also under control at all times. This is essential for larger clients as we are able to suggest performance upgrades before users start experiencing higher response times of the application – making for an optimized configuration for every client.
These services, together with the initial setup and continuous administration, are included in the standard price for private clouds. You can find that on our pricing pages or reach out to your Account Manager and request further information.
Infrastructure maintenance windows
On a monthly basis, the infrastructure is updated with the latest optimizations and security patches. Additionally, ad-hoc updates may be implemented based on unforeseeable events. This process is an absolute necessity for all cloud service providers to ensure stability and safety on the highest possible level. Such updates require so-called planned maintenance windows, which are night hours when the servers (and their applications) may not be accessible. This, of course, does not cause any data loss.
In Easy Cloud the maintenance windows are: