Introduction
This document describes Bright Interactive’s Shared Hosting Service, the hosting
environment and the level of service we provide if you decide to host Asset Bank on our shared (multi-tenant) cloud hosting platform.
Why host with us?
Our objective is to provide a shared hosting service that is suitable for the majority of our customers’ needs. It is secure, cost-effective, performant and reliable, and supports the growth of your Asset Bank without large upfront investment.
The hosting environment
We offer shared hosting facilities in the EU, US, Canada, Bahrain, Hong Kong and Australia.
We use fully scalable, reliable, and responsive AWS EC2 Servers as the main platforms for our shared hosting solution.
Asset Storage
Your original asset files and thumbnails will be stored in Amazon S3.
Cloud storage offers the following benefits over dedicated server storage:
- It’s highly reliable—assets are redundantly stored on multiple devices across multiple facilities. Any corruption or storage failure is automatically corrected.
- It’s highly scalable—the storage never runs out, so you will never need to migrate
your Asset Bank as your storage needs grow. - It’s cheaper—there are no upfront storage costs to pay and because Amazon S3
stores many billions of files there are big economies of scale. We pass these savings onto you. - It’s greener—storing a large number of assets on a dedicated server is wasteful,
even though the disks might be near capacity, memory and CPU are often very underutilised and this wastes power.
Server Monitoring
Every Asset Bank URL is monitored for uptime and responsiveness. Every essential service on the server required to run the Asset Bank is also monitored.
In the unlikely event of an issue, we have automated systems in place to restart services, the server, or even migrate the server to a new virtual instance.
If there is a persistent issue, a monitoring alert will be triggered and it will be raised in our ticketing system and investigated as the highest priority.
Maintenance
We have scheduled maintenance windows scheduled in the early hours of the morning (usually between 2 and 4 am) when we can apply security patches, upgrade your Asset Bank instance or perform other maintenance.
We will contact you in advance in the event of scheduled maintenance if it involves downtime of the Asset Bank within office hours.
Capacity
Hosting is priced at a fixed quarterly, six monthly or yearly fee for a specified amount of storage space. If you exceed the agreed storage space then we will notify you and you will then have the option of reducing the amount of space used or paying for the extra capacity.
Fair Use
We operate a ‘fair use’ policy with respect to bandwidth and reserve the right to temporarily suspend an Asset Bank that is critically affecting the performance of a shared hosting server.
We would propose a dedicated server hosting solution for an Asset Bank for which this is an ongoing issue.
Availability & SLA
Unless undergoing scheduled maintenance, we guarantee that your Asset Bank will not be down for more than 30 minutes per month.
Asset Bank will be polled regularly to check for availability. Bright Interactive will attempt to resolve any issues as soon as they become aware of them.
In the event that Asset Bank is unavailable for more than 30 minutes in a given month due to
problems with the software on the server (Asset Bank or any of the software required to run it, including the Operating System) or failure of the network infrastructure at AWS, we will refund to you 10% of your monthly hosting charge per 30 minutes of downtime – up to 100% of your monthly hosting charge minus our cloud storage costs over that period.
However, for the purpose of compensation, downtime begins when you log a call with Bright
Interactive stating that you cannot access Asset Bank and ends when you successfully access Asset Bank or you are informed that Asset Bank is available again (unless you subsequently find otherwise).
Extraordinary Events
You are not entitled to credit for downtime or outages resulting from the denial of service attacks, virus attacks, hacking attempts, or any other circumstances that are not within our control.
Rate Limiting
We enforce rate limiting for the API and Direct Link Cache for all customers who host with us. Full details can be found in our article on Rate Limiting.
Backup & Disaster Recovery
Please follow the link to view our Backup and Disaster Recovery Policy.
Security
Ensuring your data is secure is a priority. All client data on our infrastructure is given our highest data classification rating of ‘restricted’. This ensures that the strictest administrative controls for the storage and handling of this data are applied.
A high overview listing the technical controls in place to ensure the safety of your data can
be seen below:
- All of your data is stored with Amazon (AWS). They are, amongst others, an ISO 27001 accredited supplier.
- All servers are behind a virtual private cloud (VPC). A firewall blocks access to unneeded ports and limiting access to the server OS to a limited set of IP addresses.
- We are notified automatically of new security patches and they are applied as new threats emerge. Security patches will be applied in line with our patching process, ensuring they happen at least monthly.
- Multiple logging mechanisms are in place to ensure an audit trail of actions on our servers.
- We require SSL to be used for any Asset Bank on our servers so that all web traffic is encrypted.
- Your data, including backups, are encrypted in transit and at rest using the industry standard AES-256.
- Each Asset Bank uses a separate database instance, to ensure that clients’ data is segregated.
- Asset Bank supports various Single Sign-on and Federated Identity implementations, including any SAML 2.0 compliant provider.
- Asset Bank’s built-in audit logging enables you to track who has logged in and when.
To further aid with the visibility of our security processes and policies that we have in place,
we have compiled an Asset Bank Security Questionnaire.
We have also published a Vulnerability Management and Disclosure Policy.
Shared Hosting Architecture
Figure 1 illustrates the architecture of our shared hosting service.
Figure 1: Shared Hosting Architecture
Obtaining Your Data
The data associated with your Asset Bank belongs to you, and you have the right to request a copy of it at any time. We provide two methods for this using an Amazon S3 bucket:
- Bright S3 bucket: We will export your data and transfer it to a Bright owned S3 bucket. We will provide you with access details and instructions on how to download. The data will be available to download for 90 days.
- Your own S3 bucket: You will need to provide us with access details to your own S3 bucket, we will then export your data and transfer it to this S3 bucket.
If you would like a copy of your data then please get in touch, so we can work out the best option for you and supply you with a quote.
Support Hours
Problems with the availability of your Asset Bank can be logged with Bright Interactive during its standard Customer Support hours (described in the document Customer Support Service Description).
Other Hosting Options
We understand that some clients would benefit from hosting their Asset Bank on a dedicated server, either from the start or after a period of time hosting with us. For example, if you require:
- Guaranteed allocation of system resources to support large numbers of concurrent users and intensive image rendering and manipulation requirements.
- Support for custom requirements, e.g. a virtual private gateway using Amazon Virtual
Private Cloud (VPC). - A Dedicated Physical Server to ensure that your data is not hosted on the same physical hardware as others.
For more information please refer to our Dedicated Hosting Service Description.
Revision Date: May 18th 2020
Comments
0 comments
Please sign in to leave a comment.