MicroBiz Security Policy

Overview of Security Policy for MicroBiz Cloud

 

Cloud Network

We utilize premier cloud computing services providers for our MicroBiz Cloud service. Our primary vendor is Hetzner Online, a cloud services data center provider based in Germany.  Hetzner is certified in accordance with DIN ISO/IEC 27001.  We also utilize the services of Digital Ocean and Amazon Web Services (AWS).

Data Centers

Hetzner maintains two state of the art data center complexes in Nuremberg and Falkenstein/Vogtland, Germany.  Each site is staffed 24/7/365 with onsite security and to protect against unauthorized entry. Each site has security cameras that monitor both the facility premises as well as each area of the data center internally.  The Hetzner data centers have redundant power, onsite diesel generators and battery backups, physical security, and multiple network transit paths.  There is video-monitored high-security perimeter fencing around the entire data center park.  Entry via electronic access control terminals with a transponder key or admission card.

Network Connectivity

Hetzner maintains multi-redundant network connections to important Internet exchanges to provide fast website access.  Hetzner uses multiple tier-1 network transit providers at each facility and all connections are at least 10 gig-E to ensure redundancy and capacity, with some connections (such as to Google, Amazon and OVH) over 50 gig-E.

Snapshot and Backup Security

All customer data is stored in servers located in third party data centers. Your data is replicated and written to multiple disks within multiple servers within a server cluster. Your data is backed up daily and stored at a different third party cloud provider at a separate location. For redundancy, we use Amazon Cloud Services for snapshots and backups.  These images are stores at AWS on an internal non-publicly visible network on NAS/SAN servers.

MicroBiz Cloud Redundancy and Uptime Planning

MicroBiz Cloud servers are made up of multiple physical servers, switches, hubs and network cards to reduce the possibility of hardware failure. We maintain multiple clusters so that groups of customers can be maintained on different server clusters based on size and/or geographic location. These clusters include application servers, database servers, background task servers and a sync monitor.

DDoS Protection

The network of MicroBiz’s primary cloud providers are protected with firewalls and carefully monitored.  For example, Hetzner Online uses its automated security tools to protect web applications, websites, servers, and IT infrastructure from this threat. Its automated system recognizes almost all attack patterns in advance, allowing it to block the attacks and effectively thwart the vast majority of them. Hetzner uses the hardware appliances and sophisticated perimeter security technologies to provide protection against large-scale DDoS attacks.

Credit Card Security

Credit card payment information provided for one time transactions is not retained. For recurring payments, we enter card info into a virtual vault managed by Recurly Inc. and TSYS – which power online transactions for thousands of business and SaaS platforms and comply with PCI standards in the storage and handling of credit card information. For PayPal transactions we pass off customers directly to PayPal, which is also PCI compliant.

Want to learn more?

If you have other security questions call our support at 702 749-5353 or email [email protected]

Need to report an incident?

Please call our support at 702 749-5353 or email [email protected].