Cloud Services

December, 2018

Applications

At the user endpoint, a recent and standards-compliant browser is required. We guarantee fast and error-free operation with the current version of Google Chrome. With other or outdated browsers, your mileage may vary.

The Lighthouse audits, run on an emulated midrange smartphone from 2015 with slow 4G, give a typical Vision 42 application these scores:

  • 99% - Performance
  • 100% - Progressive Web App
  • 100% - Accessibility
  • 100% - Best Practices
  • 100% - SEO

For details, see the attached report. Note we make use of IPv6 and HTTP/2. An application's performance is regularly assessed. In case of diminishing performance, measures will be taken to speed up the application. Amongst possible improvements are database tuning and adding hardware.

Each application exists in three environments: development, quality assurance, and production. Our release management is based on promotion to the next environment, to limit human error. Previous releases are saved, in case a rollback is required. All data in the quality assurance environment is copied daily from production.

Application bugs will be fixed free of charge.


Lighthouse.pdf

Infrastructure

Applications made by Vision 42 need infrastructure (servers, storage, and network) to run on. Vision 42 selects a reliable and cost-effective IaaS provider (infrastructure-as-a-service) to host the applications. At the time of writing, this provider is TransIP.

Although our IaaS provider guarantees and delivers 99.99% uptime, the availability of a Vision 42 application will be slightly lower. Keeping potential database and release issues in mind, the effective availability will be at least 99.9%. Internet and customer network issues are out of our control, so the perceived availability at certain user endpoints might be lower. Free or captive-portal based Internet access, as found in hotels, is often not stable enough and can cause suboptimal operation. Distributed denial of service (DDoS) attacks on intermediate networks have been known to saturate Internet connections for hours at a time.

The primary datacenter is state-of-the-art and is located in Amsterdam, The Netherlands. See the attached fact sheet for details. Our IaaS provider has massive bandwidth available.

Vision 42 applications run on redundant physical servers. All servers are over-provisioned, so they have capacity to spare. Currently, the specifications of a single virtual server are:

  • CPU cores: 4
  • CPU frequency: 2.4 GHz
  • CPU use, typical: < 10%
  • Memory: 8 GB
  • Memory use, typical: < 10%
  • Disks: Intel solid-state drives (SSD), exclusively.
  • Although present, swap space is barely used.

The Datacenter Group Amsterdam.pdf

Backup and Restore

Although our IaaS vendor provides backups every 4 hours, we choose not to place all of our eggs in one basket. That is why we make use of an independent BaaS provider (backup-as-a-service). At the time of writing, this provider is rsync.net.

Geographically, the secondary datacenter is located in Denver, USA [2]. In contrast with Amsterdam [1], Denver is located one mile above sea level. The geographical distance between both locations provides protection against complete data loss caused by most natural disasters. Additionally, offsite backups are kept at two separate locations in Belgium [3]. In case a big asteroid destroys The Netherlands, Colorado, and Belgium at once, we fear your data may be lost. At that moment, it will be the least of your problems...



All files, including the transaction log of the database, are copied hourly to Denver. Daily, a full backup of the database is performed, verified, and stored in both datacenters. We keep at least seven daily snapshots (many more offsite), so we can restore to any day within the past week. Our RPO (recovery point objective) is 1 hour in a worst-case scenario, making use of the remote transaction log. In case of a complete database loss, we will be able to restore everything - the RPO is zero.

Using the transaction log, we can restore to any point in time within the last week. In case of accidental deletion of data, we can remove the harmful commands from the log and restore up to the current situation, without any data loss.

RTO (recovery time objective) depends on the SLA (service level agreement) of your support formula and will typically be next business day at most.

Monitoring

Our infrastructure and the applications are continuously being monitored. Alerts are sent to the engineering staff, who often solve the infrequent problems before a customer notices. Monitoring includes:

  • Infrastructure availability.
  • Application availability.
  • Database integrity: out-of-order records, missing pages, malformed records, missing index entries, and UNIQUE, NOT NULL, and FOREIGN KEY constraint errors.
  • Backup of application files and transaction logs.
  • Backup of databases.
  • Backup of system files.
  • Snapshots.
  • Available disk space.
  • Intrusion or privilege escalation attempts.
  • Expiration of certificates.
  • Unauthorized certificates, using certificate transparency logs.
  • Undelivered email.
  • Domain Name System (DNS) configuration.
  • The timely execution of scheduled tasks. Unmonitored tasks also raise an alert.
  • Even the monitoring itself.

Security

All servers run BSD or Linux operating systems. We proactively patch and upgrade all system software. If an intrusion or a privilege escalation attempt is detected, automatic countermeasures will fire immediately.

Instead of passwords, salted cryptographic hashes (SHA-256) are stored in the database. Weak passwords are not allowed. Brute-force attacks are crippled by delaying failed authorization attempts.
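The storage and verification scheme described above, as an added illustration that is not Vision 42's own code: a random per-user salt, a SHA-256 digest of salt plus password (SHA-256 because that is the hash the page names; a slow KDF such as hashlib.scrypt would make offline guessing costlier), a weak-password check, constant-time comparison, and a per-user delay that doubles after every failed attempt. The minimum length, the small list of rejected passwords, and the delay schedule are assumed values, not the page's.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

# Assumed policy values for illustration; the page does not state them.
MIN_PASSWORD_LENGTH = 12
COMMON_PASSWORDS = {"password", "123456789012", "qwertyuiopas"}
BASE_DELAY_SECONDS = 1.0   # delay imposed after the first failed attempt
MAX_DELAY_SECONDS = 60.0   # cap, so failures cannot lock a user out indefinitely

# Failed-attempt counter per user; in production this lives in the database.
_failed_attempts: Dict[str, int] = {}


def is_weak(password: str) -> bool:
    """Reject short or well-known passwords before they are ever hashed."""
    return len(password) < MIN_PASSWORD_LENGTH or password.lower() in COMMON_PASSWORDS


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). A fresh random salt per user means two users with
    the same password never share a stored hash; only salt and digest are stored."""
    if is_weak(password):
        raise ValueError("weak password rejected")
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.sha256(salt + password.encode("utf-8")).digest()
    return salt, digest


def verify_password(user: str, password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute the digest and compare in constant time (no early exit that
    would leak how many leading bytes matched). Failures raise the user's counter."""
    candidate = hashlib.sha256(salt + password.encode("utf-8")).digest()
    if hmac.compare_digest(candidate, stored):
        _failed_attempts.pop(user, None)      # success resets the delay
        return True
    _failed_attempts[user] = _failed_attempts.get(user, 0) + 1
    return False


def next_delay(user: str) -> float:
    """Seconds the server should wait before processing this user's next
    attempt: 0 after success, then 1, 2, 4, ... seconds, capped at the maximum."""
    failures = _failed_attempts.get(user, 0)
    if failures == 0:
        return 0.0
    return min(BASE_DELAY_SECONDS * 2 ** (failures - 1), MAX_DELAY_SECONDS)
```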

All network connections are encrypted, both client/server and server/server connections. SSL certificates are always verified. A strong SSL certificate is used for our servers. We hold these security ratings (reports attached):

Our email is protected from eavesdropping and impersonation by:

  • Opportunistic TLS (StartTLS),
  • Sender Policy Framework (SPF),
  • DomainKeys Identified Mail (DKIM), and
  • Domain-based Message Authentication, Reporting and Conformance (DMARC).

Every write operation can be traced to a specific user, an IP address, and a browser type. For read operations, traditional Apache access, error, and SSL logging is kept for 10 weeks.

Qualys SSL Labs.pdf
High-Tech Bridge SSL-TLS.pdf
High-Tech Bridge web server.pdf
securityheaders.io.pdf
Mail Tester.pdf