System Architecture
o High Availability

o RiskAware’s Red Flag system is backed by a 99.9% annual uptime standard. Furthermore, the system has not experienced any unplanned outages in the past three years.

o Red Flag System Security:

o RiskAware’s Red Flag system offers the premium in network security.
o RiskAware’s Information Systems team supervises and maintains oversight and administration over our Red Flag applications, with full root access to cloud servers.
o Client Log In Security:
o 256-bit Secure Socket Layer (SSL) connection

o Role-based access control and case-based restrictions
o Access to our servers is provided on a need basis and all users require authentication.
o All data contained within the system is controlled by you, the client. This means that only the staff you authorize can access specific information, such as a student’s documents and case notes.

o Vendor hosted network security:

o As part of our strategy for disaster preparedness and recovery, RiskAware partners with the industry’s #1 managed cloud company, Rackspace Hosting for system monitoring and network support.

o Rackspace helps companies tap the power of the cloud without hiring experts in complex technologies and currently serves over 60% of the Fortune® 100 from its 9 state-of-the-art SSAE 16 and ISAE 3402 Type II SOC 1 compliant data centers on four continents.

o Building security and redundancies::
o Controlled Building Access with two factor identification in sensitive areas.
o 24 hour video monitoring.
o Environmental Controls:
 HVAC redundancy
 Telecommunication redundancy & failover communication paths
 Environmental Sensors installed for smoke and water
 Raised flooring
 Fire detection and suppression systems
 Uninterruptible Power Supply (UPS)
 Generator Back Up

o Network based Security and Reliability Features
o We utilize “Huddled” Cloud Servers with onsite hot spares, and consistent imaging processes for host and cloud server provisioning. Resources are allocated to each cloud server and segregated from other cloud servers on the same host machine. SLA is 1 hour.
 Linux servers
 Open API
 Monitoring
 Operating System
 Cloud based DNS Management System
 Servers have event logging.
o Managed Storage – internal hard disk based storage with hot-swappable RAID technology for fault tolerance and high availability.
o Managed Back-Up – daily backups, offsite tape storage and tape or disk archiving.
o Cisco Partnered – Cisco powered zero downtime network with self-healing attributes delivering a 100% infrastructure availability guarantee. Patented intrusion Detection system to protect against threats.
o Multi provider connectivity and backbone carriers, for natural redundancy and smoothing out congestion, downtime, traffic etc. By utilizing 4 to 7 Internet Bandwidth providers we have excess capacity – with a Support Team monitoring to reroute internet traffic when required.
o Infrastructure and Change Management protocols require formalized and structured change management review, documentation, and management approvals before changes are promoted into testing.
 Infrastructure 72 hour minimum notice on changes.
 Testing performed in a segregated test lab.
 Maintenance Calendar is maintained.
o Network Access Security:
 Encrypted cloud server access with administrator SSH keys changed semi-annually.
 Client authenticated with the Cloud Authorization System.
 Three tiered security system – IP, EB, and ARP Tables to restrict communications and prevent unwarranted attacks from suspect traffic, and sanitizing attacks without disrupting the free flow of legitimate traffic.
o Sophisticated Monitoring and Reporting that track, analyze and perform 360 degree review on health of hardware, application and database. Reports are reviewed by RiskAware IT Administrator.
 System monitoring of web site availability.
 All routers, switches, and connections are monitored, as are network backbone, bandwidth providers and overall health of network.
 Vulnerability scanning – and Threat Analysis – employing advanced technology to identify and address security weaknesses in web oriented servers, applications and activities by constantly examining firewalls, load balancers, SSL accelerators and switches, and external security events.

o Disaster Recovery:
 Hot Standby – Data mirrored automatically onto a secondary cluster with a second site automatically brought up if the primary fails.
 Warm Standby – Data copied onto a secondary cluster.
 Cold Standby – Equipment available as back up in case of disaster.