Responsive hosts data primarily in AWS data centers that meet most major compliance standards, including SOC, FISMA, FedRAMP, DoD CSM, PCI DSS, and ISO 9001 / ISO 27001 / ISO 27701. AWS’s security program covers all aspects of security, including Physical and Environment Security, Business Continuity Management, Network Security, Access Controls, Account Management, Secure Design Principles, Change Management, Logging and Audit Capabilities, and Security Checks.
Layers of security
Our flexible, multitier architecture is designed to be scalable, resilient and highly secure. The security layers include: Intrusion Detection and Intrusion Prevention Systems (IDS/IPS), anti-virus and anti-malware protection, network firewalls, Host-based Intrusion Detection Systems (HIDS), Data Leak Prevention, DDoS protection, monitoring and alerting systems, and network isolation.
We have designed, architected and built a highly resilient platform with sufficient redundancy, scalability and failover capabilities to minimize downtime. Additionally, we host our services with our cloud-hosting partners that offer multiple levels of built-in redundancy and geographical distribution. We understand even the best designed and tested systems can experience failures. For such rare events, we have state-of-the-art monitoring and alerting systems in place so our engineers can proactively respond to issues that could lead to service disruptions.
We have implemented a comprehensive business continuity and disaster recovery program. We test the business and disaster recovery plans over and over again, so it becomes muscle memory when disaster strikes. We continuously evaluate and revise our plans to ensure that the plans stay up to date as our technology and architecture evolve, as well as to stay pace with the evolving threat landscape. Our disaster recovery plan considers how to deal with the following possible events:
- Natural disasters (i.e. earthquakes, fires, floods and storms)
- Computer software or hardware failures
- Computer shutdowns due to hackers, viruses, etc.
- Processing shutdowns
- Power disruptions, power failure
- Labor strife (i.e. walkouts or shutdowns)
- Terrorist acts (or acts of war)