In light of recent events at MJFreeway, we at GeoShepard thought it prudent to publish a more technical post than usual. The subject of what keeps GeoShepard running in the face of infrastructure and security challenges is inherently technical.
Much of modern software is delivered using a model known as SaaS, “Software as a Service”, where users no longer install software on their local computers, but have it delivered via the web, or a web-enabled app. Think Gmail. There are many advantages to this model: the user doesn’t have to install anything, software can easily be updated with new features with no effort by the user, the software can be used from a variety of locations and devices, and so on. For this reason, GeoShepard uses SaaS to distribute its GeoScale™, GeoTracking™, and GeoRoute™ solutions.
But these advantages also come with challenges. The user is now susceptible to problems with the vendor infrastructure. If the SaaS product fails, it can be catastrophic, affecting all users and shutting down businesses.
The challenges for application uptime can come from a number of sources. These include:
- Failure of hardware such as servers, disks and network routers.
- Failure of supporting software such as databases or application frameworks.
- Application software bugs.
- Malicious security attacks aimed at either disabling the SaaS application, or worse, stealing or destroying customer data.
- Internet connectivity. Without a connection to the vendor’s SaaS infrastructure, the app can’t function.
To address these challenges, GeoShepard uses a set of best practices to protect its users from failure. GeoShepard’s applications are built using a modern partitioned Service-Oriented Architecture, running on third-party enterprise-class cloud infrastructure. This allows us to leverage the high grades of security and reliability implemented by our cloud vendors without having to invest in dedicated GeoShepard teams.
To help our customers understand how GeoShepard protects their business operations, below are some of the best practices we use:
Data is the lifeblood of our clients. From weights to location to in-transit details, GeoShepard takes the responsibility for protecting client data incredibly seriously. We use a cloud-based enterprise-class database hosting service, running on top of the Amazon Cloud. This service provides two hot redundant servers running next to the active server, and takes backup snapshots every 6 hours to store offline.
GeoShepard is based on an application development framework that supports high-reliability instances running on Amazon Web Services servers. Software is deployed into “containers”, and the framework automatically recovers if a container or server fails by recreating the container and restarting operations seamlessly.
Even with the above techniques, failure is always a possibility. GeoShepard uses a partitioned infrastructure, where groups of customers are hosted on different clusters of Amazon servers. If there is an application failure, the “blast radius” is constrained to only the small number of customers on that server. This also supports scaling the system by providing dedicated server performance for each client.
Reversible Application Deployment
GeoShepard uses modern practices of constantly delivering new features. We release software every 2 months. But what if something goes wrong during the deployment, or a major bug is inadvertently released? We have a pattern of always testing and qualifying a rollback with each release, so that if there is a problem with the new release, we can roll back to the previous version in a matter of minutes.
Backup Network Connectivity
A key part of GeoShepard’s solution is the iPhone mobile component. Our iPhone app provides best-in-class automated weighing. It also allows effortless inventory auditing in the back office. Just as importantly, if a customer decides not to provide their own backup internet link, it can provide backup internet connectivity. If the WiFi fails, the iPhone simply switches to LTE and continues operating uninterrupted. Additionally, if metrc fails, we store data on our servers and update metrc when it’s back online.
In the modern world, a software vendor needs to assume they are under attack all the time. GeoShepard uses a number of techniques to ensure only the correct people can access the system. These include encryption on all traffic from app to app server to database, and encryption of all data in the actual database files. Amazon Cloud network protection is used for Virtual Private Clusters and IP whitelists. All the computers used at GeoShepard are password-protected and have encrypted disks. User passwords use one-way encryption. All passwords for key infrastructure are stored in a third-party encrypted vault and regularly rotated.
GeoShepard takes reliability and security with the utmost seriousness, and aggressively uses modern best practices for databases, applications and security to keep our customers’ businesses running.