January 2022
JobPro’s Infrastructure has Moved to Azure
MICROSOFT AZURE
JobPro is hosted in Microsoft’s Azure cloud platform which consists of 200+ physical datacenters, arranged into 58 regions, across 140 countries and linked by one of the largest interconnected networks on the planet. Our applications are primarily served from the US East 2 region in southern Virginia which consists of 3 physically separate datacenters with independent and redundant power, cooling, and network access.
Microsoft enforces the highest level of security at both the network and the physical infrastructure level. Azure complies with over 90 different industrial and governmental security certifications including ISO 27001, SOC 2/3, and PCI DSS 3.0. The US Government has chosen Azure for their most secure systems and Azure complies with dozens of US Government certifications including DoD Level 6.
Microsoft data scientists and dedicated security teams are leaders in the migration to password-less authentication and Zero Trust Network - Network Access. Microsoft can leverage extensive data sources for staying ahead of security threats via their 18 billion Bing web pages, 400 billion emails, 1 billion Windows devices, and 450 billion monthly authentications. Combined with advanced machine learning, behavioral analytics, and application-based intelligence, Microsoft can detect threats earlier than any other cloud provider.
OUR INFRASTRUCTURE
JobPro’s Azure environment was designed and implemented by Insight Global who was voted 2021 Microsoft Worldwide Partner of the Year Award for Azure Migration and Solution Assessments. Different layers of the application (web, database) are implemented into separate virtual networks, each with their own firewalls, to ensure the maximum level of control over security and authentication.
DATABASE SERVERS
JobPro’s databases are hosted using Azure SQL Managed Instance.
This service automatically handles critical servicing tasks, such as patching, backups, Windows and SQL upgrades, and unplanned events such as underlying hardware, software, or network failures. Unlike a traditional SQL Server that must be taken offline to implement security and functionality updates, Microsoft deploys these updates as soon they are released so it’s guaranteed that the databases are hosted with the most up-to-date SQL Server performance and security updates.
Microsoft has designed this service to be highly available in any situation, with a 99.99% uptime guarantee.
Three separate copies of each database is maintained at all times across the 3 datacenters in the region.
Backups are taken every 5 to 10 minutes, 24 hours/day. These are stored in the 3 datacenters in the US East 2 region (Virginia) and replicated to US Central region (Iowa). In case of a catastrophic event that might affect all 3 datacenters at the Virginia facility, databases can be brought online in Iowa.
All data and backups are encrypted with 256-bit AES at rest and in transit and the service lives behind a firewall with no access to or from the public internet Application Servers
Our web applications are hosted on Windows Server Virtual Machines
Multiple servers are always available to serve requests so that maintenance or other issues will not affect customer access to the JobPro system.
An Azure Application Gateway Firewall is in place to limit and monitor incoming traffic and load-balance requests the multiple servers.
All access is controlled and monitored via Active Directory with minimal users with minimal rights. Backend access for maintenance is possible only across a redundant, secure VPN from our office, locked via two-factor authentication from Duo Security.
At least six copies of the data are always stored between the multiple servers and across the 3 datacenters in the region. Snapshots are taken regularly.
All data and backups are encrypted with 256-bit AES at rest and in transit.
All critical security updates are automatically deployed by Microsoft as soon as they are released while redundant servers mean updates do not affect customer access to JobPro.
If any maintenance is required that cannot be done as described above, that might necessitate taking JobPro offline, it will be done during a planned and announced period during off-peak, non-business hours.
All services are monitored 24x7 by Azure specific monitoring, along with multiple external redundant 3rd party systems. All notifications regarding potential issues are forwarded immediately via email, phone, text message and Microsoft Teams messages to JobPro engineers for handling, 24 x 7.
Performance metrics are constantly monitored to verify the system is responding in a timely manner for users. Since the system is not reliant on a limited allocation of physical hardware which takes weeks to purchase and provision, but rather built on top of Microsoft’s extensive cloud infrastructure, there is no limit to the additional server processing capacity that can be brought online quickly to maintain a highly performant system.