Pressero Security & Availability Features

PRESSERO > *Pressero FAQs

Data Centers

Pressero is housed in top tier data-centers around the world to provide you with the latest in data security and availability. 
 
Chicago
  • Physical Security
    • Secured campus environment
    • 24/7 security
    • stationary and roving officers
    • Man-trap
    • Anti-tailgating
    • Card key
    • Biometrics
    • PTZ and stationary cameras
  • Infrastructure
    • 2N Utility
    • 2N UPS
    • Static Switch PDU’s
    • N+20% CRAH’s
    • N+1 Central Chilled Water Plant
    • Diverse communication pathways
    • communication entrance vaults
    • BMS monitoring and control
Amsterdam
  • Physical Security
    • 24/7 security staff
    • Access control
    • Biometric screening
    • Multilayer monitoring and notifications system
  • Infrastructure
    • 2N power factor corrected modular UPS system
    • N+1 fully synchronized generator system
    • N+1 free cooling monitored chiller systems
    • N+1 dynamic CRAC units.
Singapore
  • Physical Security
    • 24/7 onsite security personnel and secure loading docks
    • Fingerprint-activated biometric locking mechanisms
    • Man-traps with weight sensors to determine if equipment is being carried out of the facility
    • 90-day video monitoring with security cameras available for individual cage environments as needed
    • Recorded “in and out” logs
  • Infrastructure
    • Complete redundancy for power system from utility breaker, generators down to power distribution
    • Full compartmentalization/separation of power and cooling distribution paths
    • Completely redundant cooling systems from CRAC units to pumps, chillers and plumbing
    • Highly reliable static transfer switches to move loads to and from primary and secondary circuits
    • Primary and secondary electrical paths fed from two different PDU’s and two different UPS systems
    • Redundant, isolatable mechanical piping

Network and Application Security

All Pressero instances utilize the following network security configuration and processes:
  • Secure Certificates (SSL): Required for Admin and API access.  Optional to add on all storefronts.
  • Cisco Firewalls: Firewalls are configured by certified Cisco engineers for optimal security and performance.
  • Proactive Denial of Service (DoS) monitoring and prevention from data centers.
  • Network Segmentation: Application servers have limited and controlled access (DMZ) to database, file and management servers
  • Centralized security information and event management (SIEM) to correlate and analyze security event data across multiple servers and network devices
  • Vulnerability Assessments are run and monitored on a daily basis
  • Behavioral monitoring system identifies suspicious behavior and potentially compromised systems
  • Intrusion Detection system inspects traffic between devices and servers
  • Web Application Firewall (WAF) on application servers to monitor and stop common hack attempts
  • Reverse Proxy configuration to isolate web application servers
  • Antivirus, with daily updates, on all servers
  • 24/7 security monitoring from certified security management vendor
  • Credit card information is not stored.  In addition, the EULA prevents the storage of sensitive information in the system.

Application Availability

  • DNS (for Pressero administration, and for storefronts if we host DNS for them) is hosted with Amazon Web Services, so it is distributed and resistant to downtime
  • Load balancers route traffic to redundant web application servers
  • External monitoring system checks availability of Pressero every two minutes and notifies Aleyant staff 24/7 of any problems
  • Redundant hard drives prevent data loss and downtime in the event of a drive failure

Backup & Recovery

  • Essential data is backed up daily to off-site locations for disaster recovery purposes .
  • Data center has stand-by equipment and staffing available for a rapid recovery.
  • In the event of a catastrophic event that disables the data center, an off-site location has the equipment and bandwidth available to host all essential services.