Features
Features and Comparisons
4. How does SASSIE keep our system stable and secure?
Overview
For over a decade (since 1998), SASSIE server insfrastructure has enjoyed
a perfect security record and 99.99% uptime. Physically located in 4 datacenters
and 50+ servers across North
America, SASSIE follows these best practices:
- "Hot" database replication
- Daily on-site and offsite backup
- RAID-5 hard drive arrays
- Load balanced webservers
- Complete redundancy of all critical hardware and network infrastructure
components
- Multiple Tier 1 Internet Service Providers
- Data Security: IDS/HIDS (Intrusion detection systems), Firewall, Passive
Exploit Defense, Binary System Validation, Periodic Security Scans
- Physical Security: Keycards, biometrics, 7/24 surveillance, locked cages
In 2010, SASSIE began migration of its server operations to AWS, better
known as the "Amazon Cloud". Their state of the art "EC2" services will
offer the following advantages to SASSIE's operations:
- Massive computing capacity (backed by Amazon's world class datacenters),
dynamically scalable upon demand
- Geographical redundancy - SASSIE's main servers and backup resources can
be placed in multiple locations all over the world, greatly reducing vulnerability
to regional internet service outages and physical datacenter emergencies.
- Near-instant scalability - Acquiring, installing and configuring new servers
to increase capacity typically takes weeks. A new virtual SASSIE server will
take hours to launch. Bottom line: SASSIE will be able to grow to meet even
the largest client's demands.
- Remote "hot" database replication - "Slave" database servers
can now be physically located far from the "Master" database servers and
still carry up-to-the-second current backup copies of SASSIE data.
- Unprecedented disaster recovery - even in the so called "nuclear" worst
case scenario where an entire Amazon datacenter were destroyed, new virtual
SASSIE servers could be launched and operational within hours in other Amazon
datacenters.
- Enhanced international performance - SASSIE servers can now be strategically
placed nearer international mystery shopping companies for faster, more stable
server performance.
- World class security protocols - Outlined in detail at http://aws.amazon.com/security/, SASSIE
will enjoy the same levels of SAS70
Type II audited security as other AWS clients
such as Virgin Atlantic,
the Washington Post, Harvard Medical School and Amazon itself.
As a note of interest, SASSIE appears to be the most visited mystery shopping
website in the world and one of the top 6000 websites in the US (#5339),
according to independent auditors at Compete.com:
http://siteanalytics.compete.com/shopmetrics.com+sassieshop.com+archondev.com/
http://siteanalytics.compete.com/mysteryshop.org+sassieshop.com+volition.com
Back to Top
4.1 - 4 levels of Backup
In the unlikely event of data loss, your SASSIE Hosting and Maintenance fee
includes 4 levels of backup in 3 geographical locations, and can often get
you back up and running in minutes:
- SQL hot replication - each SQL server has a "twin" that keeps an up-to-the-second copy of all of your data. In the event that your primary database server goes offline, the twin will take its place, ensuring that you never lose data due to server malfunction.
- RAID-5 drive configuration - With a RAID-5 configuration, two copies of your data are accessible at all times on EACH server.
- Nightly backups to separate server - every night, a full copy of your data is backed up.
- Nightly offsite backups to separate server - every night, a full copy of
your data is backed up to a server at a second location outside of our
hosting facility.
Back to Top
4.2 - RAID 5 with instant recovery and dual power supplies in each server
The most common server failures are due to hard drive crashes and power supply meltdowns.
- RAID-5 configurations guard against hard drive failure in two ways:
- Two copies of your data are accessible at all times
- Each server has three hard drives instead of one
- If any hard drive fails, the others will immediately take over and continue normal operations.
- RAID-5 is typically an upgrade that would cost you thousands of dollars to have installed on your system. With SASSIE, you receive this service for free.
- Every SASSIE server has dual power supplies, so if one fails, your service won't be interrupted.
Back to Top
4.3 - 4 Way Physical Protection
These days, we need to know that our data facility has all the necessary physical safeguards.
SASSIE's facility has the following protections:
- Fire - Our facility features a VESDA fire detection system and is equipped with dry sprinkler systems to provide early fire detection and server-safe fire suppression (conventional water sprinkler systems can short circuit and damage your servers).
- Power - SASSIE's hosting facility receives power from two different power utility plants, meaning that two cities must lose their power before SASSIE loses electrical service. Even then, four one-megawatt generators are in place to provide 150% of the backup power needs in the event of total power failure.
- Unauthorized entry - Biometric recognition systems and 24/7 4-man security personnel prevent entry by unauthorized personnel.
- Environmental - SASSIE's facility has a fully redundant Leibert HVAC system, which maintains temperature and humidity to rigid standards.
Back to Top
4.4 - Load Balanced Server Architecture
Will system performance be consistent during the busiest time of the day?
Our datacenter features a "load balanced" architecture that delivers fast and stable performance, even under the most extreme conditions. We utilize multiple redundant web servers and database servers so that your system will remain operable even if a server goes offline or reboots.
Furthermore, multiple state of the art "load balancers" route traffic to the least busy web server (or database server) guaranteeing optimal performance even during the heaviest of traffic. We're confident that our datacenter represents the ultimate cutting edge in the mystery shopping industry.
Our hosting facility also guarantees 99.9% uptime and has multiple backup internet connectivity - if one line goes down, your traffic will be rerouted to other lines instantly without your clients ever knowing.
Six tier one providers have fiber installed into the facility:
- Cable and Wireless
- Genuity
- Global CrossingSprint
- Verio
- WorldCom/UUNet
Back to Top
4.5 - Unix Server Security (Virus Protection – NOT Microsoft Servers)
SASSIE runs on Unix Servers, not Microsoft Servers which are notorious for their vulnerabilities to hackers and viruses (such as the Slammer Worm which infected thousands of Microsoft SQL database servers in early 2003). SASSIE's network is also protected by a front end firewall to prevent unauthorized access to SASSIE's servers.
Back to Top
4.6 - Separate Database and Web Servers
Your SASSIE system sits on two servers - one to handle your web pages, and one to handle your databases. Your database server is NOT directly connected to the internet and can only be accessed by SASSIE web servers, a huge layer of security against would be hackers trying to alter or steal your client's data.
Back to Top
4.7 - Individual User Logins
Sharing of user accounts is a serious security issue. SASSIE can create a separate account for every staff member, client manager, scheduler and shopper who uses the system and gives you extremely tight control over their viewing privileges and administrative privileges. There are over 40 different privileges that can be turned on or off for each individual (reviewer access, scheduler access, billing access, access to certain clients only, etc...).
Back to Top
4.8 - SSL Encryption of Shopper Personal Data
Our shoppers are concerned about entering personal information over the website.
On SASSIE, shopper signups take place on a secure SSL layer (the kind used by online credit card transactions) which encrypts the transmission of their data. Your shopper's browsers will notify them that they're entering a secure site when they sign up or edit their personal data. Also, sensitive information like Social Security numbers are kept in encrypted format in the databases themselves - even if someone were to steal the databases themselves, they would not be able to read the encrypted data.
Back to Top
4.9 - 24/7 Server Monitoring
How do you know if our system is down? Do we need to notify you?
Monitoring software checks each of SASSIE's servers every few minutes, and sends electronic pages to at least 5 of our staff if the servers are unresponsive.
Back to Top
4.10- Logins expire after a period of inactivity
Another security issue occurs when a user walks away from their computer and forgets to log themselves out, leaving a live connection open. SASSIE detects when an account has been inactive for an unusual amount of time and logs that account out automatically. Don't use a system that relies on every shopper, client and staff member to log themselves out every time!
Back to Top