- Who can see or have access to my information? How do you isolate and safeguard one client's data from other clients?
As with any cloud-based system, the DBAs have access to the database, and this is true in our case as well. For obvious reasons, only our DBAs have access to the database; no one else does. Access to the database does not necessarily mean access to the data, as some sensitive fields like passwords are stored encrypted. Isolation of data within the database is ensured by Amazon's RDS service, which we use as our database management service. We employ not only authentication mechanisms but also authorization, so access to a customer's data in MOHID and Muntazim is restricted to users and roles created by the customer through their MOHID and Muntazim systems. Data integrity and isolation are ensured through our backend services and through role-based authorization on the front end.
- What are your disaster recovery processes?
MOHID and Muntazim are hosted with Amazon AWS. The AWS cloud is one of the most reliable, secure and highly available cloud infrastructures in the industry today. AWS provides a set of disaster recovery services by virtue of its multiple data centers located throughout various geographical regions. For more information, see http://aws.amazon.com/disaster-recovery/. The MOHID and Muntazim web application and databases run on geo-redundant infrastructure (EC2, RDS, Elastic Load Balancers, DNS, etc.) across 2 Availability Zones: US West-Oregon (Primary), US East-N. Virginia (Backup). This means that even in the case of a regional catastrophe, God forbid, the MOHID and Muntazim service and data will be intact, up and running through the other Availability Zone, inshaAllah.
- What happens in the event of data corruption?
The Amazon RDS service, which MOHID and Muntazim utilize as a database management service, replicates the MOHID and Muntazim databases for data integrity. Alarms are configured to indicate any discrepancies detected. RDS maintains several snapshots of the databases throughout the day on various servers and gives DBAs the ability to restore from any one of these. There may be a loss of data in such cases, depending on the transactions that occurred after the snapshot being restored was taken.
- What are your methods for backing up our data?
The Amazon RDS service, which MOHID and Muntazim utilize as a database management service, provides automated backups that are stored securely across different data centers. For more information, see http://aws.amazon.com/rds/.
- How often are backups made? How many copies of my data are stored, and are they stored in the US or another location? Who will have access to the backups?
The Amazon RDS service, which MOHID and Muntazim utilize as a database management service, provides automated backups that are stored securely across different data centers. Currently our full database backups occur every 24 hours. The backups are stored in the data centers corresponding to the 2 geo-redundant Availability Zones or Regions that MOHID and Muntazim utilize: US East 2-Ohio (Primary), US East-N. Virginia (Backup). No data (backups included) is stored in any location outside the US. Our DBAs will have access to the backups.
- How is activity in my account monitored and documented? What auditing capabilities are provided: Admin/MGMT, Billing, System Information?
All account activity related to users (including access, transactional updates, profile changes, etc.) and/or automated operations (such as online transactions, automated receipts, etc.) is logged and generates an audit trail. System events are logged internally as well as externally by Amazon services.
- How reliable is your network infrastructure?
We are proud to say that, Alhamdolillah, MOHID and Muntazim are hosted on the most reliable infrastructure available in the industry today - Amazon AWS. The network is designed to optimize security by utilizing 2 firewalls to isolate access to the MOHID and Muntazim databases from public networks. It also provides fault tolerance, load balancing across multiple servers, and auto scaling using Amazon's Auto-Scale (http://aws.amazon.com/autoscaling/) capabilities to dynamically spawn additional instances under high load, in addition to being geo-redundant across 2 Availability Zones or Regions - US East 2-Ohio (Primary), US East-N. Virginia (Backup). See the attached infrastructure details at the bottom.
- Are payment transactions through MOHID and Muntazim secure and PCI compliant? Do you store any financial information in your system?
All payment transactions through MOHID and Muntazim are secured by 256-bit SSL encryption between the clients (browser, kiosk, mobile app) and the MOHID and Muntazim server. The APIs used by MOHID and Muntazim to interface with payment processors like Forte and PayPal utilize HTTPS as transport and hence 128- to 256-bit SSL encryption. No credit card information (number, expiration, CVV) is stored in MOHID and Muntazim, even though the Amazon AWS data store (Elastic Block Store) and other services are PCI compliant: http://aws.amazon.com/compliance/pci-dss-level-1-faqs/
Click here to see the MOHID and Muntazim deployment infrastructure architecture.