The hardware running the server is stored in a 40 megawatt, 450,000 square foot data centre that is SSAE 16 Type II audited by an independent CPA firm regularly. It is equipped with a dual-interlock, dry-pipe pre-action fire suppression system with VESDA. With respect to earthquake safety, the entire facility exceeds Seismic Zone 4 requirements by up to 15%. The data centre is staffed by security 24/7 and is managed by keycard and biometric access controls. The centre has 100% uptime power protection with redundant 10 Megavolt LADWP feeds, 8 generators, N+1 Uninterruptable Power Supplies (UPSs), automatic transfer switches and redundant load-balancing circuits to all equipment.
The server itself is a VMWare Virtual Dedicated Server running the latest software with regular updates. All aspects of the machine can be fine-tuned including CPUs, RAM and HDD space. The server is connected to a 1Gbps virtual switch infrastructure, and is stored on a NetApp SAN running 15k fibre-channel disks. The server is protected from unwanted intrusion on various levels including locked down firewalls and IP restrictions, and security patches are applied regularly.
The entire server is backed up daily and backups are retained for 7 days and weekly backups for 4 weeks. Additionally all databases and website files are backed up nightly on and off-server, which enables us to restore specific data without impacting other unaffected aspects of the server.
The server is monitored at various levels, data-centre SNMP Monitoring monitors CPU, RAM and disk usage, we monitor site uptime - if anything exceeds norms we are notified immediately.
All server support requests are handled immediately by staff who have intimate knowledge of the server setup and the technical expertise to resolve them immediately. We understand the importance of your site, and are available 24/7 for urgent enquiries. We will notify you of any planned maintenance that will cause any downtime for your site, and any such maintenance will be carried out late at night in low-impact times.
The code your site is written in is constantly reviewed and maintained. SQL Injection hacking methods are blocked at various levels, as well as other attack vectors such as cross-site scripting (XSS). We monitor all of our sites and receive warnings from a variety of systems if any errors occur, and this enables us to review and fix any code bugs, as well as hacking attempts.
All areas of our websites that need to be secured, have all assets within them locked down. All pages, services and code perform ownership and security checks, making sure all sensitive data is secured and all passwords are one-way hashed.