Located in the world class Sanity Technology Datacentre situated in Brisbane, Queensland.
Sanity Technology has been our server provider for the last 11 years and they have never had a security breach. The Datacenter is keycard access only with 24/7 CCTV monitoring.
Server backup and server security
We have a comprehensive and fail-safe backup policy in place. All of our web hosting plans include complete online and offline backups free of charge. Offline backups are kept offsite for disaster recovery purposes.
These offsite backups contain two copies of the above listed online backups (two months worth) and stored securely offline. All offsite/offline backups are encrypted. To retrieve an offsite backup, an hourly fee may be charged depending on backup size.
Brand Toolbox’s backup infrastructure is outlined below:
- RAID — RAID involves multiple hard drives with multiple copies of data. If one drive fails, the other picks up the slack. RAID protects against hardware failure.
- Primary backup — This is a backup taken at regular intervals of every website, database and virtual server. The backup is located on a dedicated backup server that is securely separated from our standard hosting servers. If you need a database backup restored from last week or a month ago, this is where we will retrieve the backup for you.
- Secondary backup — This is a backup of level 2, again located on separate dedicated storage devices. All backups here are compressed and encrypted, ready for level 4.
- Offline backup — This is the clincher that makes the whole backup system foolproof. The level 3 backup is rotated regularly and taken offsite to a secure facility. These backups are offline (powered off) and unplugged from the internet at all times.
The infographic below details our setup of no less than three backups of our Web, Database, Mail and HyperV services. Additionally, each server and backup device utilises RAID to protect against hardware failure.
We have accounted for all scenarios (data loss, security breaches, acts of God). You will never lose data. We have a 99.989% uptime over the last 12 months and that includes downtime for server maintenance.
Malware scanner and Intrusion detection
The web server host runs their own custom malware scanner and Intrusion detection system. Intrusion detection is provided at a network level (i.e. monitoring for suspicious FTP or email logins from overseas connections).
Data separation
- SQL Server: Maximum permissions is DBO.
- Web Server: Each site runs in a dedicated application pool and runs FTP user isolation^. Any Remote Desktop Connections to the server will only be permissible to whitelisted IP addresses.
^ Dependent on plan chosen.
Security breach and event logging
If a security breach did occur, all impacted customers would be contacted accordingly (by email and telephone). We can provide web logs and windows event viewer logs (upon request and at cost).
Brand Toolbox staff
All Brand Toolbox and Studio Syn-RG staff, employees and contractors have been thoroughly background checked, including previous employer and internet checks. Staff are given their own unique administrator access to your application and this access will be removed once an employee leaves the business or no longer requires access to your application.
25 July 2017