URL: https://www.idonethis.com/security

I Done This Security Features:

At I Done This, we treat the security of your data and content as our paramount concern. The proactive approach to security and the stringent procedures described above protect the security of your I Done This data.

Security FAQ

Where do we host our services?

I Done This hosts its software-as-a-service at Amazon Web Services (AWS) for unparalleled security, reliability and availability. By using AWS infrastructure, I Done This inherits AWS network, ops and monitoring to satisfy stringent physical and network intrusion requirements. AWS is SAS70 Type II certified, HIPAA compliant and PCI compliant, and has unrivaled scalability.

When was our hosting facility audited (SAS 70, ISO17799, etc.) and what were the detailed results?

The AWS SAS70 audit was completed within the last 18 months, and AWS received a favorable unbiased opinion from its independent auditors. The control objectives and control activities of AWS are focused on operational performance and security to protect customer data. A copy of the report is available from AWS upon request and with an executed NDA in place with Amazon. I Done This has reviewed the SAS70 audit in detail and is satisfied that AWS infrastructure meets or exceeds all critical SAS70 audit protocols.

What are the redundancy features for our hosting facility?

The server infrastructure of AWS is known as Elastic Compute Cloud, or EC2. This infrastructure is highly flexible and scalable, allowing business-critical web applications like I Done This to adjust capacity in minutes. Hundreds or thousands of server instances can be deployed instantly and simultaneously, across multiple geographic regions. I Done This is currently deployed in multiple Availability Zones with data stored in S3.

Availability Zones ensure failure-resilient operations with planned fault separation. Availability Zones are physically separated facilities engineered to remain insulated from any failure in other locations. Availability Zones in the same geographic region are located on different floodplains, in areas determined to be seismically stable, and maintain low-latency connectivity with each other. Server instances running in separate Availability Zones safeguard an application from the failure of a single location.

Data traffic between Availability Zones is transmitted across AWS-controlled private network infrastructure, which provides minimal latency, transmission consistency, and end-to-end security.

Each facility receives power from different grids and from independent utilities to further protect against single points of failure. In addition, discrete uninterruptible power supply (UPS) systems, batteries, and onsite diesel backup generators stand by to regulate flow, prevent spikes and brownouts, and convey clean power in the event of utility failure.

Each Availability Zone maintains redundant connections to multiple tier-1 transit providers to guarantee unbroken network connectivity at all times.

The AWS data storage infrastructure, named S3, is designed to provide 99.999999999% durability and 99.99% availability of objects over a given year. Objects are redundantly stored on multiple devices across multiple facilities in an Amazon S3 Region. To help provide durability, S3 Put and Copy operations synchronously store data across multiple facilities before returning Success. Once stored, S3 helps maintain the durability of objects by quickly detecting and repairing any lost redundancy. S3 also regularly verifies the integrity of data stored using checksums. If corruption is detected, it is repaired using redundant data. In addition, S3 calculates checksums on all network traffic to detect corruption of data packets when storing or retrieving data.

When was the last time your servers/services were audited (security) and what were the results?