With questions around security of data, we want to re-assure users of what MagManager does to guard against data loss and hacking:
All of the data that you are storing in MagManager is housed in the data centres of the largest provider of cloud infrastructure in the world, Amazon Web Services (known as AWS). This provides you with industry leading levels of security and performance that also allows us scale to many thousands of customers. AWS provide multiple layers of security for your data both physical and logical. Physical security covers the buildings that house your data and logical security covers the attempts to access MagManager from the internet.
Every single attempt to access any MagManager data has to pass through several layers of security before it even arrives at one of our servers and although you may not realise it, you never actually get to one of the MagManager servers directly. You are passing through layers of security before the data you requested is finally presented on your screen. Every single request for a page in MagManager is logged within AWS and should we identify suspicious activity we can quickly shut down access to any user or server that may be generating this activity. This is assuming that the request even gets that far as AWS uses its own algorithms to help us and their automated tools step in to protect us when suspicious activity is seen.
In the EXTREMELY unlikely event that MagManager was hacked and all of our data was lost… We backup ALL of our customer data every night to an external cloud provider (Not AWS). This data is stored for 90 days, so at any point in time we have access to what our customer data looked like at 1am on any of the preceding 90 days. We have a disaster recovery and business continuity plan that swings into place IF a disaster such as the ‘total loss of all customer data’ was to occur. This plan has a return to operations target of 4 hours and a recovery point objective of 1am on the night preceding the disaster. In practice this means that in the event of a disaster being declared, we aim to be back up and running within 4 hours using data no older than 1am last night… and this is the worst case scenario! As you would expect we regularly test that we can restore from our backups and do this to our own test servers within the magmanager environment.
Although we have all of these measures in place, the single biggest cause of user data loss from IT systems has always been people accessing MagManger accounts using existing usernames and passwords that have been compromised or stolen. You should change your passwords to MagManager regularly and if you haven’t done so already we’d encourage you to switch on 2 Factor authentication. MagManager now supports the use of Google Authenticator to make this as easy as possible for our users.
As always, if you’d like to know more, or have any questions, please feel free to get in touch