Icetrak provides
a Communications Platform as a Service to it’s customers typically providing SMS
and messaging services.
Our platform is both resilient and secure.
Our production platform and services are delivered simultaneously
from multiple secure data centers in the UK.
Each data center is capable of running standalone and can deliver all of
our customers SMS requirements should there ever be an issue at any individual
data center.
Our data center partners are IONOS and OVH Cloud both
of which provide secure ISO 27001 certified data centers.
Our services are accessible using Round Robin DNS
entries. Providing the application
developer/partner is aware of Round Robin DNS all of our services should remain
available even if we have a single catastrophic data center outage.
Data is usually transmitted to our server using HTTP
or SMTP. Our servers all support HTTPS
and TLS within the SMTP protocol. Providing
the application developer/partner chooses to use one of these API sending
mechanisms then any data sent to us will be encrypted.
This however is a choice of the application developer
so it is out of our control.
All of our production messaging servers are Firewall
protected with no public access except via an API call.
Our firewalls are all native operating system level
firewalls thereby guaranteeing there are no complicated 3rd party incomprehensible
systems sitting about our native level of protection.
All attempts to access any of our production servers
are logged and monitored.
Wherever possible administration tasks are performed
using a bespoke interface running over HTTPS.
All access to this administration functionality is password protected
with each administrative function only being available to staff that require
it.
In the unlikely event that any administration task
cannot be carried out using our bespoke interface we provide a limited number
of our staff with secure VPN access. VPN
access is only granted from a limited set of devices with pre-shared encryption
keys.
Our user portal provides password protected access to
a set of portal servers which provide a configurable set of functionality. This configurable set limits the users view
to only the functionality they need.
Users can configure their own password and all
passwords are hashed and salted so they are unreadable on our servers and resilient to common attacks
Our portal servers do not provide direct access to our
messaging servers ensuring the integrity of our messaging servers.