On November 11th, 2017, ShareVault moved to an even more secure, available, scalable and performant cloud-based infrastructure managed by ClearDATA at Amazon Web Services (AWS).
Because the new infrastructure is based on an elastically scalable architecture, it allows ShareVault to adapt both compute and storage resources on demand, based on current loads. In addition, the new architecture will enable us to enhance not only the security and availability of our platform but also the speed, so that our users benefit from an even snappier, more responsive user experience.
NEW HOSTING PARTNER
The new ShareVault infrastructure is managed by ClearDATA; an AWS certified advanced consulting partner. AWS provides the dedicated hardware, secure data center, advanced resiliency functions and the optimized and secure networking technology.
ADVANTAGES OF THE NEW INFRASTRUCTURE
The new ShareVault infrastructure provides a number of advantages concerning scalability, security, availability, and performance.
Using a combination of load balancing and queuing so that the current load is distributed across multiple servers, the new architecture allows for elastic scalability. When the load on the application servers causes reduced performance, new application servers can be quickly deployed to handle the increased load. Once the load returns to a normal level, the number of servers can be rapidly reduced accordingly.
The storage resources in the new ShareVault infrastructure are also elastically scalable so that as our business grows, we can increase our storage with no downtime.
ClearDATA manages the AWS infrastructure on behalf of ShareVault, assuring that security best practices are followed. ClearDATA’s AWS services are certified SOC 1/2/3, PCI, ISO 90001 / 27001 / 27017 / 27018, FedRAMP Moderate, DoD CC SRG IL2, HIPAA, and HITRUST. These security certifications are essential to ShareVault since our customers’ files often contain personally identifiable information (PII), protected health information (PHI), and other sensitive information. Also, these certifications confirm that trusted third parties have verified for our adherence to the proclaimed security controls and their effectiveness.
The ShareVault servers are dedicated instances located in an AWS virtual private cloud (VPC), assuring that the hardware is not shared with other AWS accounts. Each AWS server instance in the new ShareVault infrastructure is hardened according to ClearDATA’s best practices and in accordance with the relevant security standards.
ClearDATA management services provide dedicated real-time monitoring for network/applications, system anomalous events, emerging threats, event investigation, detection escalation, and incident response support.
The layered security architecture is based on separate public and private subnets combined with AWS security groups to maximize isolation and limit access. Backend access to the servers is done via VPN through a firewall. As with the current ShareVault infrastructure, customer data files are encrypted at rest with key management, with the option for customer-managed keys.
The new ShareVault infrastructure is based on a high-availability architecture with redundancy at multiple levels. At all times, there are at least two instances of each of the server types located in two different AWS availability zones, ensuring geographic redundancy, independent infrastructure, and real-time failover in the event of a failure.
Additionally, snapshots of all servers in the ShareVault infrastructure are written daily to encrypted AWS S3 storage so that in the highly unlikely event of both availability zones being affected in the AWS Region that hosts ShareVault, a disaster recovery of ShareVault can be quickly deployed from the snapshot. Encryption keys for the customer data files are stored in a separate AWS region so that they can be accessed for disaster recovery.
Finally, scheduled downtime for software updates, enhancements, bug fixes and patches will be virtually eliminated since the updates can be applied in stages to one server at a time, while the other server(s) in the system take up the slack while the update is being performed.
The new ShareVault infrastructure has over three times as many servers, providing for higher bandwidth, faster computations and more rapid access to storage, resulting in snappier, more responsive user experiences.
John Badger is Co-founder and VP of Marketing & Product at ShareVault. He has a BSME from UC Berkeley, an MBA from INSEAD and more than 20 years of experience in growing technology companies. He is passionate about growing sales through strategic marketing, lead generation, innovative selling tools, product marketing and market-driven product management.