Data Centre / Infrastructure / Backup / Monitoring FAQ

Location

What data centre providers do you use?

Equinix SY5 and ME2 - equinix.com.au

Where are your servers located?

Our servers are located at Mascot in New South Wales, and Melbourne in Victoria.

Do your data centres have relevant ISO certifications?

Equinix SY5 and Equinix ME2 - ISO 27001 - Certification can be found here: https://www.equinix.com.au/services/data-centers-colocation/standards-compliance/

Are your data centres manned?

Our servers at Equinix are unmanned, however, these Data Centres are a 15min drive from our head office where most of our technical staff work. Our out-of-hours technicians are mostly within a 30min drive of our data centre.

Do you have redundant and backup power in case of a primary power failure?

Our data centres have multiple redundant power feeds, redundant UPS units and generators.

Do you have redundancy in case of failure from a data cable/transit provider?

Yes, all physical transit and peering links are multi-paths, taking different physical routes. We have peering with multiple international carriers and transit providers (including, but not limited to, NTT, Vocus, Nextgen and Amazon) to both improve connectivity and provide redundancy should one provider have an outage.

Security

What physical security is present at your data centres to protect physical access to the servers?

All data centres have security guards on-site 24/7 and constant surveillance via security cameras both in the data centre and around the building and general area.

Physical access to our servers is heavily restricted. For someone to access our servers, these 3 things are all required:

1) Biometric security verification
2) Valid security key card
3) Keys to access individual server racks

How are the docking areas and entrances to the data centre protected?

All entrances to our data centre buildings are protected by 24/7 security staff and live monitoring, as well as requiring security card access into most sections of the building.

Do you have Firewalls, DDOS Protection or other methods to protect against digital attacks?

Depending on the product, we have firewalls and DDoS protection in place. Hardware firewalls are available for dedicated servers to protect them.
Software firewalls can be set up on dedicated and VPS servers to your specification. In the case of a managed service, the firewall configuration can be maintained and operating system updates can be performed periodically to ensure continued protection.

What are the client's responsibilities when it comes to security?

Clients are responsible for all data (including websites, emails, software and passwords) that they add/configure/upload onto our servers. This includes things like CMS updates, PHP upgrades, and password changes. On Shared Hosting and Managed servers, we are able to assist with removing malicious files and stopping other malicious activity on the server. However, it is up to the client to update the client-side software and patch their website to stop any exploits from reoccurring.
Are servers encrypted?

By default, no data on the server is encrypted. Information in transit can easily be encrypted with a free SSL certificate, which we can assist in providing. However, if a client wishes to encrypt data on the server, they can take that up themselves.

How is the updating and handling of security vulnerabilities handled?

For Managed servers, we handle updating and patching of all security vulnerabilities and server software we provide. The client is responsible for managing and updating security/software for all software that they install or request assistance from us to help install.

Backups

What type of backups do you take?

For our Personal, Business, Premium, and Reseller products, we take a backup of each cPanel account in its entirety every 8 hours. For Managed VPS products, we take a backup of the entire server every 24 hours. We keep the last 7 days worth of backups.

For Dedicated Servers and self-managed VPS, backups are an optional extra. We offer both R1soft and SAMBA backup systems and can configure access, backup frequency and other factors to your individual needs. Clients are also able to use the backup feature in WHM or their own backup applications. Please note that 3rd party backups, including WHM backups, may count against the server's billed bandwidth usage.

Are backups encrypted?

By default, backups are not encrypted. The primary backup software we use (R1soft) does support AES-256 encryption, and we can enable this on request. Please note that this does mean that taking, accessing and restoring backups will be slower.

Are backups stored at a different physical location to the web servers?

Yes. Our data centre locations are in 2 separate states. With each server, we ensure that the physical server and the backup server are located separately (one in Sydney, the other in Melbourne)

Are backups full, incremental or differential?

The backups that we provide are incremental. The oldest backup will contain a full backup of the servers, while each earlier backup will contain backups of all changes/additions since the previous backup.

Do you offer long-term/archive backups?

No. The backups we provide are short-term/disaster recovery. For long-term archiving and backups, we recommend a dual strategy of storing backups both in secure online storage (such as Google Drive, Dropbox or AWS Glacier) and keeping a separate copy on a physical medium like a local computer or portable hard drive.

How can my backups be accessed?

For Web Hosting and Reseller services, backups can be accessed from the R1soft icon in cPanel, as seen here.

For Managed VPS services, please contact our support team for backup restores as those backups are not accessible externally.

For other services, (including Blaze, Self Managed and Control Panel VPS) backups are an optional extra. If purchased, we provide direct R1soft backup server logins, and you can use this guide to restore them.

Can I make and manage my own backups?

Yes. You can use the backup feature in WHM (for VPS/Blaze Services), take manual backups through cPanel or use another third-party backup service. Please note that if those backups are transferred offsite, that will count against the total billed bandwidth.

Staffing / Monitoring

How are your data centres staffed?

We have technical staff on hand 24/7 which operate from our Head Office, which is a 15-minute drive from our Data Centers.

Do you have on-site/on-call technicians?

Yes. As well as 24/7 staffing, we have System Administrators on call 24/7 who can do both remote work and drive to the DC if physical access is required.

How are servers monitored?

We have live monitoring of all our servers 24/7. Staff at our head office have live boards in front of them which show statistics and relevant monitoring information for all servers. Our internal communication tool contains a channel which monitors alerts and potential issues live. System Administrators are automatically SMS'd if a critical issue is detected.

What aspects are monitored?

Temperature and environmental elements at all significant points throughout our data centres are monitored. For all servers, power and network connectivity are monitored 24/7. For managed servers, we implement a high level of monitoring which checks the status of all critical services (MySQL, Apache, SSH, etc), as well as high disk usage, CPU/RAM usage (for consistent lengths of time) and various other elements.