Security

The first thought that comes to mind when we hear Security is crackers trying to break into our servers. But this is only one possibility. In fact, there are some more likely security issues to consider:

  • Guard against data loss, e.g. a RAID system can help in case of SSD hardware failure

  • Regular backups make sure that we can easily restore your data
    e.g. a user or developer may accidentally delete important data

  • Protect access to the dashboards in your DaqMon application: see Access Control

Rock Solid Encryption

DaqMon supports top-notch encryption technology to keep your data secure. It supports TLS (SSL) - the same technology that e-banking systems use to protect your financial online-transactions.

TLS (SSL)

Transport Layer Security is the successor of SSL (Secure Socket Layer). DaqMon can use TLS to encrypt all communication to and from the DaqMon server: e.g. the data that the upload-clients send to the server, or the data that is transmitted between the DaqMon server and the browser of your users: e.g. on their PC, tablet, smartphone, etc.
This encryption provides privacy, data integrity and ensures that the information (including e-mail and passwords) cannot be intercepted by anyone.

HSTS

In addition to TLS DaqMon also supports HTTP Strict Transport Security for additional protection against man-in-the-middle attacks.

Consistent Backups

The DaqMon system is configured to automatically create a consistent backup every day. This is a single file that contains all data, which makes it easy to copy and archive the backup.

Disaster recovery

The DaqMon backup files can be copied to physically distinct locations so that they are safe, even when the server hardware fails. These backup files can be used to restore the exact state that your system was in when the backup has been taken.

Cloud Servers

When you use our Hosting Service, several full system-backups will automatically be created. We can use these backups to restore everything on the same or a new server without the need to reinstall DaqMon.

On-Premise

When you host your own server (see On-Premise), your IT-department is responsible to copy the daily backup file to a safe location.

Restoring the system on new hardware involves a new installation of the DaqMon software and then restoring the backup.

Cloud vs. On-Premise

Do you think that cloud servers are less secure than on-premise servers? Think again!

Cloud servers are usually way more secure than on-premise servers. Even without going into details, it should be clear that data security is the core business for hosting providers, which is why they invest heavily in security. Compare this to your in-house system administrator, IT department or an external IT-service provider: for them, security is just a small (and often annoying) part of their job.

Data Centre Features

The data-centres of the hosting providers have many features, that may not be available or possible on-premise, e.g.

  • Climate control: HVAC (Heating, Ventilation and Air Conditioning) systems keep the temperature constant to maximize the life of the hardware components and optimize performance

  • Redundant power supply systems provide uninterruptible power supply: in the unlikely case of a power outage, the data-centres autonomous power-generators (e.g. diesel aggregates) can deliver the required power for a long period of time. In addition to that, there is often an additional battery-based emergency system that will make sure that the server can be shut down gracefully to avoid the risk of data corruption.

  • Redundant network infrastructure: Routers, Switches, etc.

  • Fire protection: e.g. special in-house fire-extinguishers that don't destroy the servers, early warning systems with a direct connection to the local fire department, special door locking systems

  • DDoS protection: to prevent Denial Of Service attacks where perpetrators try to make the servers unavailable by flooding them with requests

Access Protection

  • Cloud hosting providers have dedicated teams of highly educated security-experts that work 24/7 to protect and monitor their data-centres.

  • Data-centres are protected by several layers of specialized security software which in turn is monitored, regularly updated and validated. Compare this to on-premise installations, where you may find standard firewall or virus-scanners (if any).

  • Physical security of the servers in data-centres is very strict. Hosting providers often employ 24/7 guard staff, video surveillance, biometric authentication, electronic access-control, etc... This makes it virtually impossible to go straight to a server and connect a USB stick.

  • Security is not a one-off job. It requires ongoing financial and human effort to keep systems up-to-date.

  • Hosting providers deploy monitoring software that can detect unusual activities and react immediately, even to new threads.

  • Hosting providers routinely test their systems and run robust risk management programs to proactively avoid any security issues.

  • Hosting providers will constantly monitor the server hardware (e.g. SSD storage, power supply unit, ...) and their staff can replace parts proactively before they fail. Even in the worst case of a fatal failure, the Hosting providers can repair the server immediately (or fire up a new cloud server), since they have emergency staff available 24/7 and they also have all required spare parts at stock. Compare this to your in-house IT department who may not even detect an issue before Monday morning, and then they need to order a compatible hardware part (SSD, etc.) - it may take days until the system is repaired and operational!

  • Cloud servers store their data on RAID systems to decrease the risk of data loss when a storage device fails.

  • Cloud servers usually provide reliable native backup features which can make a full backup while the system is running. These backups can easily be restored on the same server or a brand new server.

Additional advantages of Cloud servers

  • Automatic hardware upgrades: The hosting providers upgrade the underlying hardware of the cloud servers constantly: so you will eventually get newer CPUs/RAM/storage devices without additional cost

  • Easy server scaling: You can easily move your application to a better server (more storage, CPUs, RAM) when required

  • Secure end-of-life: when old hardware is phased out, hosting-providers will make sure to securely erase all data and may even shredder the storage drives to avoid any risk of data leakage

  • Multi-redundant fibre-optical network connections to Internet exchanges guarantee really fast Internet connection.
    In comparison, when you host your server on-premise, you must request a fixed IP-address from your Internet provider which can be costly and slow: note, that especially the upload speed is important in this case.