Data security

Posted July 28, 2019 by Clark Wilkins

We've taken a lot of steps to ensure both privacy and safety of your data in the servicd platform, and with the latest updates, we think we've got a very robust system that we want to explain in (relatively) non-technical terms.

“Good fences make good neighbors”

It's not economically (or structurally) sensible to put every client on their own isolated server. We want to keep operating costs down through efficient methods, and having servers run idle or under extremely light loads does not meet that goal. That said, we do need to make sure that your data is only accessible for your team.

This is why your servicd install is assigned a unique subdomain, usually your_company_name.myservicd.com. At the very beginning of each page load, we strip off the subdomain your_company_name and redirect your traffic to a unique database that only contains your data. Your login string has to have two components: your valid subdomain and a user that's valid within your unique database. It's your “house” and your “key”. As long as you don't give the key out, it's very unlikely that anyone will crack the lock code here.
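One way to implement the subdomain-to-database routing described above, as an added example (not servicd's own code). The tenant names, users, in-memory SQLite databases and function names are constructed for illustration, and password verification is left out.

```python
import re
import sqlite3

BASE_DOMAIN = "myservicd.com"  # domain named in the article
LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")  # one DNS label

# Constructed sample tenants: each subdomain gets its own separate database.
TENANT_DBS = {}
for _tenant, _user in (("acme", "alice"), ("globex", "bob")):
    _db = sqlite3.connect(":memory:")
    _db.execute("CREATE TABLE users (name TEXT PRIMARY KEY)")
    _db.execute("INSERT INTO users VALUES (?)", (_user,))
    TENANT_DBS[_tenant] = _db


def tenant_from_host(host):
    """Return the tenant label from a Host header, or None if it is not valid."""
    name = host.strip().lower().rsplit(":", 1)[0]  # drop an optional port
    if name.endswith("."):
        name = name[:-1]                           # fully qualified form
    suffix = "." + BASE_DOMAIN
    if not name.endswith(suffix):
        return None   # e.g. acme.myservicd.com.evil.example
    label = name[: -len(suffix)]
    # fullmatch rejects nested labels ("a.b"), empty labels and characters
    # such as "/" or "..", so the label is safe to use as a lookup key.
    if not LABEL.fullmatch(label):
        return None
    return label


def user_in_tenant(host, username):
    """Both parts must match: a known subdomain and a user in its database."""
    # The database is found by dictionary lookup, never built from the string.
    db = TENANT_DBS.get(tenant_from_host(host))
    if db is None:
        return False
    row = db.execute("SELECT 1 FROM users WHERE name = ?", (username,)).fetchone()
    return row is not None
```

A user name that exists for one tenant is simply absent from every other tenant's database, so a valid "key" presented at the wrong "house" fails the same way an unknown user does.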

Automatic backups and disaster recovery

Every night, at 1 AM East Coast time, we make a full backup of your database. Then we compress and label it, and it's sent over to a private repository (with no external access) on the US West Coast.

The fact that we do this every night means two things: (1) we have a recoverable backup that's at most 24 hours out of date for your installation, and (2) we can (on demand) recover a backup from any date since your installation was created. If there's some catastrophic user error that you discover six months later, and you need to know the state of a data object before the error happened, we can do that.

A good IT person might ask how we would be able to roll back an evolving platform (remember, we update the servicd platform constantly). The answer is that we take advantage of relatively inexpensive storage and include a snapshot of our entire source code at the time the backup was done. This means we can create (and have created) a sandbox installation that allows recovery of the necessary data long after the original error occurred.

These services are included in servicd for your safety and our mutual peace of mind. We want your data to be safe. It makes our lives much easier as well. We hope this article helps to clarify what we do about it. Cheers!

A nearly identical article appears in our stockd blog, which uses the same methods.
