Overview of Hosting, Availability, and Security in ScreenSteps
Understanding how ScreenSteps manages hosting, availability, and security is essential for evaluating the reliability and safety of your data within the platform. This article introduces the key concepts, terms, and practices related to where and how ScreenSteps is hosted, how it ensures uptime, and the security measures in place to protect your information.
- ScreenSteps is a cloud-based application with specific hosting and security protocols.
- Availability and disaster recovery are built into the system architecture.
- Security practices cover data access, encryption, and employee training.
Key Terms
Familiarity with the following terms will help you understand ScreenSteps' approach to hosting, availability, and security:
- Amazon Cloud (AWS): The cloud computing platform where ScreenSteps is hosted.
- Data Center: A physical location housing servers and storage systems.
- SSL/TLS: Protocols for encrypting data transmitted between your device and ScreenSteps servers.
- S3 Storage: Amazon's cloud-based storage service used for storing images and other files.
- Application Logs: Records of events and transactions within the ScreenSteps application, used for troubleshooting and performance monitoring.
- Understanding these terms is foundational for grasping how ScreenSteps manages your data.
- Cloud hosting and encryption are central to the platform’s security model.
Background: Hosting and Data Storage
ScreenSteps is exclusively hosted on the Amazon Cloud in Northern Virginia. There are no options to host the ScreenSteps web application on private or on-premises servers. However, organizations can host content generated by ScreenSteps on their own servers if needed. See Hosting Options for more details.
To ensure data durability and disaster recovery, ScreenSteps maintains a mirrored copy of the application and its data in a separate data center located in Oregon. This setup allows for a quick switch to the backup site in case of a major incident at the primary location.
- ScreenSteps is a cloud-only solution for its main application.
- Mirrored data centers support business continuity and disaster recovery.
Why Availability Matters
High availability ensures that users can reliably access ScreenSteps whenever needed. The platform’s use of mirrored data centers and its public reporting of uptime history (such as through Pingdom) demonstrate a commitment to transparency and operational reliability.
- Availability is critical for organizations relying on ScreenSteps for documentation and training.
- Mirrored infrastructure reduces the risk of downtime.
Security Practices
ScreenSteps employs a range of security measures to protect customer data and maintain privacy:
- SSL/TLS Encryption: All data transmitted to and from ScreenSteps uses SSL connections with TLS 1.2 or later, ensuring secure communication.
- Data Segmentation: Customer data is divided into log data, database content, and image data, each with specific access controls and storage methods.
- Access Controls: Only authorized users can access database content. ScreenSteps administrators may access data for troubleshooting, but only with explicit customer permission.
- Log Management: Application logs are used solely for troubleshooting and performance improvement. Sensitive information like passwords is filtered out, and logs are aggregated using a third-party tool.
- Image Security: Images are stored on Amazon S3. For protected sites, image URLs expire after a set period, requiring regeneration for continued access. Public sites or those with HTML copy enabled use non-expiring public URLs.
- Encryption and access controls are fundamental to ScreenSteps’ security model.
- Different types of data are handled with tailored security measures.
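As an added example (not ScreenSteps code): a Python check that sorts the image URLs in an exported page into expiring and non-expiring links, the distinction the Image Security item draws. It assumes the expiring links are standard Amazon S3 presigned URLs (`X-Amz-Date` plus `X-Amz-Expires`, or the older `Expires` plus `Signature`); the page does not say which signing scheme ScreenSteps uses, and the bucket name and HTML below are constructed.

```python
from datetime import datetime, timedelta, timezone
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

def classify_image_url(url, now=None):
    """Return 'expiring', 'expired', 'non-expiring' or 'malformed'."""
    now = now or datetime.now(timezone.utc)
    qs = parse_qs(urlsplit(url).query)
    try:
        if "X-Amz-Date" in qs and "X-Amz-Expires" in qs:
            # SigV4 presigned URL: signing time plus lifetime in seconds.
            signed = datetime.strptime(qs["X-Amz-Date"][0], "%Y%m%dT%H%M%SZ")
            expires = signed.replace(tzinfo=timezone.utc) + timedelta(
                seconds=int(qs["X-Amz-Expires"][0]))
        elif "Expires" in qs and "Signature" in qs:
            # Older SigV2 presigned URL: absolute Unix timestamp.
            expires = datetime.fromtimestamp(int(qs["Expires"][0]), tz=timezone.utc)
        else:
            return "non-expiring"  # plain public object URL
    except (ValueError, OverflowError, OSError):
        return "malformed"
    return "expired" if now >= expires else "expiring"

class _ImgSrc(HTMLParser):
    """Collects the src attribute of every <img> tag."""
    def __init__(self):
        super().__init__()
        self.srcs = []
    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.srcs += [v for k, v in attrs if k == "src" and v]

def audit_html(html, now=None):
    """Map each image URL in the page to its classification."""
    parser = _ImgSrc()
    parser.feed(html)
    return {src: classify_image_url(src, now) for src in parser.srcs}

# Constructed sample: placeholder bucket, fake signature value.
SAMPLE_HTML = """
<img src="https://example-bucket.s3.amazonaws.com/a.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&amp;X-Amz-Date=20240101T000000Z&amp;X-Amz-Expires=3600&amp;X-Amz-Signature=abc123">
<img src="https://example-bucket.s3.amazonaws.com/b.png">
"""

if __name__ == "__main__":
    at = datetime(2024, 1, 1, 0, 30, tzinfo=timezone.utc)
    for url, kind in audit_html(SAMPLE_HTML, at).items():
        print(kind, url.split("?")[0])
```

Run against content exported from a protected site, any `non-expiring` result marks an image link that stays readable to whoever holds it.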
Employee Security Training
ScreenSteps ensures that all employees are trained in security best practices. This includes:
- Regular training on security protocols and data privacy.
- Use of encrypted and secured workstations with up-to-date security software.
- Strict policies against unauthorized disclosure of personal data.
- Limiting access to personal data only to employees who require it for their job functions.
- Employee training is a key component of organizational security.
- Access to sensitive data is tightly controlled and monitored.