A Secure, Cloud-Based SaaS Platform
With BRIDGE, your local data is always up-to-date and accessible to your customers and employees across the world. The status site provides transparency for our service availability.
Visit and subscribe to our stat page: status.leadformance.com to learn more about our performance.
BRIDGE understands that the integrity, availability and performance of our customers is key to their business operations and success. To offer the best quality service the BRIDGE SaaS Platform is hosted on the cloud using the latest generation and market leading technology. We are able to leverage real time threat intelligence and have implemented a disaster recovery plan in case of emergencies. On a daily basis our team maintains, updates and upgrades the platform.
Solution Hosting
The BRIDGE Platform is hosted on a public cloud Amazon Web Services (AWS) in Ireland (eu-west-1). Your data is saved every day in a S3 ad vitam aeternam bucket.
The hardware components are self-sized, via AutoScaling Group policies offered by AWS. Our infrastructure can control and respond in a fully automated way to your peak traffic loads. Our production platform does not rely on tW type instances of AWS. Therefore, they are not limited in terms of CPU cycle. The architecture is self-sized meaning, server configurations may change over time to best suit our infrastructure customers.
For more information about the Amazon Web Services security please visit the AWS Cloud Security portal.
Distributed Architecture
The BRIDGE platform uses a micro-service oriented architecture. This type of architecture, based mainly on the use of webservice (REST), load balancers (Amazon ElasticLoadBalancer (ELB) and distributed database (MongoDB, Postgresql via RDS), making it possible to dimension each service according to its actual capacity. It also brings robustness to the platform, since each service is composed of several identical servers, which makes it possible to be fault-tolerant.
For example, some services are redundant up to 6 times, thus allowing to collect the heavy traffic loads that often take place during the Christmas period or during sales season. BRIDGE is also equipped with virtual machines and automatic deployment, making it easy to deploy more machines on the production platform.
In addition, BRIDGE has invested in several caching mechanisms (Redis and Varnish) to optimize response times at the database query level, as well as a html page rendering level. Our development and deployment cycles are short, supported by continuous integration systems (Jenkins, Travis CI), test development practice (TDD and BDD), automated testing (Jasmine, RSpec and Protractor) and of continuous deployment (Docker, Capistrano and Puppet) - allowing the BRIDGE production platform to be updated several times a day, functional increments are visible at regular intervals.
Each module of the platform can be updated independently of the others, providing scalability and continuous performance.
Performance
With several hundred million pages viewed per year, BRIDGE guarantees stability and deliverability of your local pages and local content, even in when your brand is rolling out promotional campaign with high traffic load.
The platform is sized at least three instances of each application bricks, each instance being placed in a separate Availability Zone, more info on Amazon AZ.
Relational databases use RDS so that the Amazon Cloud is used as efficiently as possible.
The Store Locator front ends use the AWS Elastic Load Balancer. Therefore Amazon is responsible for the upload as well as availability. AWS is trusted by well-known brands including: Netflix, Adobe and AirBnb. We use our NewRelic monitoring system to ensure that our Apdex is always greater than or equal to 0.80.
Security and Privacy
Our security policy is built to protect BRIDGE from:
- Spam, with specific rules on the entry points of our application (forms, request of coordinates, etc).
- Failures discovered in one of its components. Our team monitors the technology developments used by BRIDGE, and takes the appropriate action in case of a security patch
- Malicious acts, attacks (hacking, Denial Of Service), rootkits via automatic detection tools and constant updating of the
- Breaches in the source code, our developers are required to follow the practices recommended by industry
Our servers are only accessible from the Amazon LoadBalancer, as well as via the Leadformance VPN. These machines do not have a public IP address to limit the production data accessibility.
As our release cycle for BRIDGE updates is short, we can correct potential vulnerabilities within a few hours of detection. It also proactively protects the operating system and applications from external or internal threats and even zero-day attacks.
Data Protection
BRIDGE processes a large amount of data. Although some of this data is public, we apply very strict security rules. The information transmitted can be critical for you and your customers, and/or may be subject to restrictions by the CNIL.
Our data protection policy guarantee the following:
- No data The BRIDGE database is backed up in real time on a remote server, via streaming technology. This system is coupled with daily backups, maintained for an indefinite period of time.
- Production data inaccessible by hackers (security policy of the platform) or by a non-accredited Each request to access the BRIDGE production data for the resolution of a specific bug is tracked.
- BRIDGE fragments user Rights are specific according to the user type.
- Client projects are invisible to internet users and search engines until their official release.
Leadformance BRIDGE also follows a very strict security policy for its internal operations which are not necessarily linked to BRIDGE.
All user sessions are encrypted, and only administrators can access to BRIDGE databases.
Annual Security Audit
Despite all the precautions taken by the BRIDGE teams, nothing replaces external expertise for security issues. We conduct a complete security audit on the BRIDGE platform on an annual basis. You can contact our support team for more details.
Comments
0 comments
Please sign in to leave a comment.