Versions Compared

Old Version 7

changes.mady.by.user Andre de Kock

Saved on

compared with

New Version Current

changes.mady.by.user Andre de Kock

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Hosting

If you are a SaaS client, your TaskFlow instance is hosted at Hetzner's main data centre in Johannesburg with a standby instance at Hetzner's data centre in Cape Town. Hetzner's data centres are all equipped with CCTV cameras and access is granted to Hetzner employees via biometric access.

We also By default, all clients are hosted inside one or more of the Terraco data centres located in Johannesburg, Cape Town and Durban. These servers are managed by TaskFlow and we ensure high uptime as well as data replication between these data centres to ensure the best experience for our customers. We use a hardened operating system and are up to date with all of the latest security best practices.

We partner with CloudProx, Hetzner and Microsoft Azure to ensure full data redundancy and always store backups in different locations should a data centre become completely unavailable. All data remains within the borders of South Africa.

We accommodate clients who want to host TaskFlow on premises , in which case it is the client's responsibility if there is a good reason for this. In these cases the client needs to provide us with a server . On premises clients have the responsibility to restrict access to the server and are also responsible for making backups and storing the backups securely.and is responsible for securing the server. It is also the client's responsibility to perform hardware maintenance and make daily backups.

Availability SLA

Our server infrastructure will improve over time. At the time of writing we are able to provide a 99.9% uptime to our clients. This excludes the on premise clients since we cannot control all the variables, such as power supply to the server and network uptime.

Availability %Downtime per year
993.65 days
99.98.76 hours
99.9952.56 minutes
99.9995.26 minutes
99.999931.5 seconds

Backups / Disaster Recovery

We keep 7 days full backups for each TaskFlow instance hosted on our serversdatabase. Backups are replicated ( via a secure channel ) between data centres regions as well as to a physical location outside of Hetzner's data centre. Backups are made at 0002:00 every day.

In addition to daily backups, all databases are replicated in real time to a slave server. Databases hosted in Hetzner's Johannesburg data centre are replicated to a slave server located in Hetzner's Cape Town data centre and vice versa.

Hardware failure:

  • All of our servers' hard drives run in a RAID 1 configuration. In case a server fails completely due to hardware issues, we will be able to spin up all of the clients on the counterpart slave server within 4 hours.

Disaster recovery:Backups are kept within the borders of South Africa.

Hardware failure

  • Hard Drives
    • RAID configuration ensures data loss is impossible in case of a single drive failure
    • Entire drive snapshots are made and securely transferred to a different region
  • Memory
    • Multiple memory modules ensuring no disaster for single failure
  • Power Supply
    • Dual hot-swappable supply ensures uptime even if one power supply fails
  • Network
    • Two physical network cards ensures uptime even if one card fails
    • Interfaces are set up in a Linux Bond ensuring automatic fail-over
    • Multiple breakout points to the internet are provided via BGP

Disaster recovery

  • RPO (Recovery Point Objective): Clients will never lose more than 24 hours worth of data. This will only happen when we are unable to restore a slave spin up the High Availability server and have to restore your TaskFlow instance from the previous days' backup.
  • RTO (Recover Time Objective): Clients will be offline for a maximum of 4 hours in case an entire data centre becomes unavailable.

...

  • This is due to configuration needed in order for the High Availability server to be fully up and running

Servers are constantly monitored and TaskFlow system administrators are notified whenever crucial events occur.

Database security

Your database is only accessible via your TaskFlow URL (e.g. demo.taskflow.co.za). Although all clients' databases run on one cluster there is no data sharing between clients' databases what so ever. Your database is replicated over a secure connection using key pair authentication.

We give direct Direct database access (read-only) can be provided to clients who wish to mine their data with BI tools. Please send an email An email can be sent to support@taskflow.co.za to request thisaccess. We will follow the necessary steps to ensure that the person requesting access is authorised to do so.

Password security

Login details are hashed using industry standard hashing techniques. Not even TaskFlow staff has access to your passwords. In the event that a client loses their password, the only option is to send password reset instructions. When logging into TaskFlow, if you're a SaaS client, your data is always transmitted via HTTPS. You can verify this from within the browser by making sure that a "lock" icon is present.

...

TaskFlow employees have access to the administrator account on your TaskFlow instance. We may log on from time to time in order to assist with support requests. We use our discretion to only access data that relates to the support request and we have policies in place to ensure that TaskFlow employees do not copy data without authorisation from the client.

System security

Only a select few TaskFlow engineers have access to the server clusters. The only means of logging in is using secure key pair authentication via SSH. We only allow TaskFlow engineers access to the server clusters from our office's location (i.e. no access is granted to any IP address other than our static IP at our office).

We use a hardened Linux distribution as our operating system and have configured our firewall to only allow access on certain ports. Our servers are also resilient against DDoS attacks. We make every best effort to adhere to best practice / standards when securing our network, infrastructure and data.

Software security

TaskFlow as a framework is designed in such a way that it prevents all of the most common types of attacks:

...

All code changes made to the TaskFlow framework is evaluated and reviewed by TaskFlow engineers before it is deployed to our clientsthrough a peer review process. In addition, our automated testing platform performs unit tests and code auditing and provides our engineers with reports that are used to determine if changes introduce any bugs or regressions.

Changes are carefully written up and compiled in a new version release document which is distributed to clients prior to deploying new versions. Opportunity for feedback is given and our engineers ensure that upgrades always result in a better product for the user.