We use multiple Amazon® EC2 (Elastic Compute Cloud) instances running within a virtual private cloud. Amazon EC2 presents a true virtual computing environment, allowing web service interfaces to launch instances with a variety of operating systems, load them with a custom application environment, manage the network’s access permissions and other security configurations, and run AMIs (Amazon Machine Images) using as many or few systems as needed. Capacity is automatically scaled for optimal user experience and optimal server load, hence the “elastic” design of this innovative hosting environment.
Transactional email is a crucial part of our communications infrastructure, including order fulfilment and other mission-critical notifications. To ensure the highest delivery rate, we uses Amazon SES and Infusionsoft, highly scalable bulk and transactional email-sending services for businesses and developers. These services integrate with other AWS services, making it easy to send emails from applications being hosted on EC2. Amazon SES uses content filtering technologies to meet ISP standards and provides a built-in feedback loop, which includes notifications of bounce backs, failed and successful delivery attempts, and spam complaints. The service ensures that our email notifications to survey creators and survey respondents arrive dependably in the inbox.
File downloads are hosted using Amazon’s S3® network, allowing secure and redundant storage for any digital assets such as images and CSS. This sequestering of data downloads into the Gigabyte range ensures that our survey performance never suffers from high-volume download activity. Regular, systematic data integrity checks, self-repair and checksum calculation of data packets when storing or retrieving data greatly increases reliability and durability.
Hosting for common assets used in Obsurvey stores (such as graphics and CSS) is optimized in our platform using Amazon’s Cloudfront global content delivery networks (CDNs). This service allows faster page load times for the many Obsurvey clients whose surveys target a global audience.
OS & Software Stack
Obsruvey uses a 3rd-party monitoring service as a second method of gaining insight into our servers’ performance. This piece of our technical infrastructure allows an independent, detailed view of server and store uptime and other statistics.
One important part of this service is geographical testing, showing server performance for multiple locations around the world. It also provides host-independent advanced warning services, along with notification services to cell phones, SMS and email.
We deploy a globally-distributed 3rd-party DNS service (Cloudflare) with 100% uptime. This service enables enhanced speed of domain lookup and resolution across the globe, with built-in fail-safes for individual DNS nodes. A globally-distributed service for DNS resolution reduces latency, scales for audience size and geography, and provides an additional layer of security for web applications.
All survey creator data is served securely over https using high-grade SSL certificates. We deploy hardware-accelerated SSL as part of our technical infrastructure to speed up the secure transactions between server and client. Hardware acceleration of SSL optimizes the most computationally expensive part of an SSL session, the handshake, where server and client agree on a number of parameters that establish the security of the connection. Hardware acceleration of SSL results in faster page load times. Obsurvey checkout pages, in addition to serving pages using SSL, are in full compliance with the PCI Data Security Standard.
TERM DETAIL & DEFINITIONS
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers. Amazon EC2 presents a true virtual computing environment, allowing users to use web service interfaces to launch instances with a variety of operating systems, load them with your custom application environment, manage the network access permissions, and run a server image using as many or few systems as desired. Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing users to quickly scale capacity, both up and down, as computing requirements change. It provides developers the tools to build failure-resilient applications and isolate themselves from common failure scenarios.
Amazon Simple Email Service (Amazon SES) is a highly scalable and cost-effective bulk and transactional email-sending service for businesses and developers. The service integrates with other AWS services, making it easy to send emails from applications being hosted on services such as Amazon EC2. Amazon SES takes proactive steps to prevent questionable content from being sent, so that ISPs receive consistently high-quality email and therefore view the service as a trusted email origin. This maximizes deliverability and dependability for all senders.
Amazon S3 Storage Service
Amazon S3 provides a highly durable storage infrastructure designed for mission-critical and primary data storage. Objects are redundantly stored on multiple devices across multiple facilities in an Amazon S3 Region. To help ensure durability, Amazon S3 PUT and COPY operations synchronously store your data across multiple facilities before returning SUCCESS. Once stored, Amazon S3 maintains the durability of your objects by quickly detecting and repairing any lost redundancy. Amazon S3 also regularly verifies the integrity of data stored using checksums. If corruption is detected, it is repaired using redundant data. In addition, Amazon S3 calculates checksums on all network traffic to detect corruption of data packets when storing or retrieving data.
Amazon CloudFront is an easy to use, high performance content delivery service (CDN) that lets users quickly and cost-effectively deliver content to visitors using a global network of edge locations in the United States, Europe and Asia.
The Domain Name System (DNS) is a hierarchical naming system built on a distributed database for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most importantly, it translates domain names meaningful to humans into the numerical identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide.
PCI Data Security Standard
The PCI DSS is a multi-faceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data. Most notably, PCI DSS-compliant merchants do not store cardholder data in electronic format. PCI DSS and related security standards are administered by the PCI Security Standards Council.
SSL stands for Secure Sockets Layer, a cryptographic protocol that provides communications security over the Internet. SSL encrypts the segments of network connections above the Transport layer, using symmetric cryptography for privacy and a keyed message authentication code for message reliability.
If you have any additional questions regarding Obsurvey’s technical infrastructure, please contact us at [email protected]