The Enzyme QMS infrastructure is set up to ensure that our customers' data is protected and backed-up at all time.
In order to ensure this, all Enzyme infrastructure is deployed within an isolated "Virtual Private Cloud" (VPC), a type of virtual private network within Amazon Web Services' (AWS) infrastructure.
Within the VPC all services and data are spread across multiple Amazon Availability Zones. This protects your data should one server or one entire availability zone fail.
Production databases are backed up every night using Amazon's Relational Database Service (Amazon RDS). We keep a rolling record of the most recent 28 days of the database.
All file uploads are stored encrypted in S3, with each bucket locked down with strict policies and versioning enabled, to prevent unauthorized access or data loss.
Below are further additional details about our infrastructure:
The Enzyme QMS cloud platform is controlled using the 'infrastructure as code' methodology. This reduces risk and optimizes performance and stability of the platform.
Each customers application:
- Runs on a Virtual Private Cloud spread across three Amazon Availability Zones
- Persists data using a PostgreSQL database using Amazon Relational Database Service
- Uses a single-tenant architecture, so each customer's database is completely isolated from all other customers
- Uses Amazon ECS to distribute infrastructure services across multiple availability zones, and monitors every service to ensure full availability
- Has appropriate domain names for the application (with SSL certificate for HTTPS) created with Amazon Route 53
- Has all the appropriate security groups and IAM roles to allow application servers to connect with only instances of the same customer's application
- In case of a failure of an AWS task or instance, AWS will spin up a new one automatically and transparently