- Our continuous database backup system allows us to restore your data from anytime within the previous 3 days
- We also store 30 days worth of daily database snapshots so your data will be there in the event of an emergency
- All documents and attachments are stored with the reliability of Amazon’s S3 data storage which is designed to sustain the concurrent loss of data in two facilities
Our team routinely runs through disaster recovery tests to verify projected recovery times and the integrity of your data.
- We use a Global CDN to ensure availability of resources in distributed regions
- We employ Elastic Scaling to ensure that performance and availability of the service is high
- We guarantee 99.5% availability. Additional details can be found in our MSA.
- All of our servers run on Amazon’s EC2 cloud service. The service runs within Amazon’s proven network infrastructure and data-centers. The Amazon EC2 Service Level Agreement commitment is 99.95% availability for each Amazon EC2 Region
- All file attachments are backed by the reliability of Amazon’s S3 storage service which is designed to provide 99.99% durability and 99.99% availability of objects over a given year
- All of our servers are monitored 24x7 to identify any outages. In the event of an outage, our internal operations team is immediately notified and is on-call to respond to such an event
- All of our servers are firewalled to only allow access to necessary services
- We utilize modern configuration management software to ensure consistent configuration across our infrastructure
- All of our servers are updated regularly as part of our regular security audit procedures
- Comprehensive platform protection against all known and emergent site availability attacks and the application of best practices to mitigate known industry-wide security vulnerabilities.
- Managed platform services and data stores are deployed in a zero-trust environment
- HTTPS-only website and integration API access
- Deployment of best practice HTTP security headers
- Protection against:
- Open Web Application Security Project (OWASP) top security risks
- Latest emerging common vulnerabilities and exposures (CVE)
- Cross-site scripting attacks
- Cross-site request forgery attacks
- Code and SQL injection attacks
- Brute-force sign-in attacks
Data Center Certifications and Accreditations
The data center, where MindTouch is hosted, has the following certifications and accreditations to ensure standards at a server level:
- SOC 1/SSAE 16/ISAE 3402
- FISMA Moderate
- PCI DSS Level 1
- ISO 27001
- International Traffic In Arms Compliance
- FIPS 140-2
With an included shared or optional custom domain, and TLS 1.1 / TLS 1.2 access, you can rest assured that any data being sent between your browser and the server is safe and secure.