By default, clients are hosted at Hetzner's main data centre in Johannesburg have with a standby micro instance at Hetzner's data centre in Cape TownMicrosoft Azure. Hetzner's data centres are all equipped with CCTV cameras and access is granted to Hetzner employees via biometric access. We try our absolute best to secure your data and prevent unauthorised access while keeping your data accessible whenever it is needed.
From 1 September 2019 all TaskFlow databases are hosted on Azure Cloud.
Clients can opt to host in Microsoft Azure's data centre in the South Africa North (JHB) region with backups being made to South Africa South (CPT) regionregion by paying an extra monthly fee. Azure has more regions than any other cloud provider and they provide complaint and resilient solutions. Backups are handled by Azure and they ensure that all servers remain accessible.
We do accommodate clients who want Clients can opt to host TaskFlow on premises , in which if there is a very good reason for wanting to do so. In this case it is the client's responsibility to provide us with a server . On premises clients have the responsibility to restrict access and to ensure that access is restricted to the server and are also responsible for making backups and storing the backups securely. Clients also have the responsibility to perform daily backups and maintenance.
Backups / Disaster Recovery
We keep 7 days full backups for each TaskFlow database. Backups are replicated (via a secure channel) between regions as well as to a physical location outside of Azure Cloud. Backups are made at 02:00 every day. Backups are not sent across the boarder - i.e. the data remains in South Africa.
- All of our servers' hard drives run in a RAID 1 configuration. In case a server fails completely due to hardware issues, we will be able to spin up all of the clients on the counterpart slave server within 4 hours.Hard drives are set up in either RAID 1 or RAID 5 configuration ensuring no data loss due to the failure of a single drive
- Servers have multiple network interfaces that are set up in a Linux Bond ensuring that traffic can be routed in case an interface becomes unavailable
- Servers have a dual hot-swappable power supply, ensuring uptime even if one power supply fails
- RPO (Recovery Point Objective): Clients will never lose more than 24 hours worth of data. This will only happen when we are unable to restore a slave server and have to restore your TaskFlow instance from the previous days' backup.
- RTO (Recover Time Objective): Clients will be offline for a maximum of 4 hours in case an entire data centre becomes unavailable.
Login details are hashed using industry standard hashing techniques. Not even TaskFlow staff has access to your passwords. In the event that a client loses their password, the only option is to send password reset instructions. When logging into TaskFlow, if you're a SaaS client, your data is always transmitted via HTTPS. You can verify this from within the browser by making sure that a "lock" icon is present.
All code changes made to the TaskFlow framework is evaluated and reviewed by TaskFlow engineers before it is deployed to our clientsthrough a peer review process. In addition, our automated testing platform performs unit tests and code auditing and provides our engineers with reports that are used to determine if changes introduce any bugs or regressions.
Changes are carefully written up and compiled in a new version release document which is distributed to clients prior to deploying new versions. Opportunity for feedback is given and our engineers ensure that upgrades always result in a better product for the user.