Secure Managed Hosting Architecture Overview for EverReady Platform
Discover the secure and managed hosting architecture overview for EverReady platform in Europe with AWS. Learn about the scalability, encryption, and efficient data processing methods employed. Dive into data collection, CRM updates, authentication management, and the technologies utilized in this robust system.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Technical documentation July 2023 01/07/2023 V2.0 INTERNE
Overview Hosting in Europe with AWSSecure architecture - 100% Managed Services Access to the service on web or mobile via a secure REST API Instances protected by IDS /IPS services Encrypted databases / no storage of sensitive business data (email & CRM) Scalability ensured by automating the provisioning of the architecture
Technical Architecture
Mobile Phone Mailbox Calendar Platform Architecture CRM AWS Workers Processing Units In memory Managed Services API / OAuth2 MySQL MongoDB Logs / Events / ID Encrypted Database Org. / Users / Tokens DMZ IDS / IPS Https Emailing / Mandrill FRONT / REST API Identity provider / Firebase Web App Mobile App
Data collection and processing The EverReady platform connects via API (OAuth2 protocol) to the client's email, phone and CRM. Our connectors allow to filter and collect only business information before sending it to the workers for processing (see functional documentation of business rules). Messages: reading Calendar: reading Call log: read (no recording of conversations) These business data are collected in 10 minute intervals and processed directly by our workers in memory without ever being stored in our databases. Only the technical data (identifiers and dates) of the elements created or modified in the CRM by EverReady are stored in our databases.
CRM Updates The EverReady application can read and update information on the company's CRM using an OAuth 2 login method. The application inherits the same rights and scopes as the user in the CRM. The CRM objects handled by our application are the following: Contacts: read / write Opportunities: read / write Accounts: read / write Activities: read/write Leads: read / write EverReady never deletes any existing information in the CRM. All data added by EverReady in the CRM is tracked.
Authentication Authentication is managed by Firebase. Users are provisioned in Firebase by the application when they are created. Permissions on features and data are managed by the EverReady application once the user is identified. Possibility to authenticate via SSO/SAML protocol.
Back-end Components Technologies Applications backend SpringBoot + Kotlin + Python Event storage MongoDB, Managed Services, encrypted Storage of structured data MySQL, Managed Services, encrypted Identity Provider Firebase Notification server Firebase Emailing Mandrill / Mailchimp
Front-end Components Technologies Dashboard web Angular, typescript Mobile App ReactNative
Software factory Composants Technologies Source version control GitLab Continuous integration and building GitLab CI Infrastructure Manager Terraform Container Manager Docker, Managed Services
Hosting Amazon AWS, data center in Europe: - Native protection against DDOS attacks, network and software vulnerabilities - Managed services, high availability and scalability - Automatic data backup: Full daily backup / Snapshot every hour - Permanent / automated monitoring of the service with alerts and notifications - System indicators (cpu load, memory, availability) - Business indicators (volume, calculation time, etc.)
Deployment The description of the infrastructure is done with Terraform, the provisioning is managed automatically without any manual operation. Docker allows us to manage our applications in a controlled environment and to reduce the dependencies on hardware or OS allowing maximum interoperability. The segregation of development and production environments is complete, no data or services are shared between the environments.
Security The EverReady application is located in a VPC (Virtual Private Cloud) at Amazon, allowing unauthorized access from the Internet to be completely closed. In particular, the databases are only accessible within this VPC and from authorized components. The administration of the services is done via a dedicated and highly secured VPN (IP restriction, private key reserved to authorized EverReady persons). The transfer is encrypted during all data exchanges (HTTPs), from the Internet but also between internal components. All data stored in our databases (MySQL & MongoDB) are natively encrypted. Authentication with CRM (Salesforce, Hubspot, etc.) and Messaging (Outlook, Gmail) services is based on the OAuth2 protocol made available by these services.
Security & GDPR compliance The security and protection of your data is at the heart of our concerns. EverReady is certified ISO 27001 in order to guarantee its customers the respect of the best practices in the domain of Cybersecurity and the strict compliance with the RGPD.
