Polar partners with a Canadian technology services company that offers colocation and cloud services. All of Polar’s production applications and customer data are hosted at this provider’s primary facility in a private, dedicated, virtualized environment. This provider meets Enbridge’s IT-CISO-06 Cloud Security Standard.
The colocation facility is a tier-3 designed data centre, which is considered the highest major commercial data standard. The provider employs state of the art technology to ensure that all equipment has redundant power, cooling, and Internet network access, and the building maintains a waterless fire suppression system that will not damage active electronics. The building is engineered to be highly secure, with no windows and requires dual factor authentication for access. Additional access is required for the most secure locations. The facility itself is located in a smaller Canadian city with very low risk for natural disasters or man-made hazards.
All of Polar’s office and hosting locations employ firewall appliances to ensure the protection of internal systems and data from Internet risk. These firewalls are maintained with the latest security updates, and are continuously monitored for attacks. Connections between office and server hosting locations utilize encrypted VPN tunnels which protect the transfer of information. Software firewalls on each server are also enabled and configured to prevent any non-approved access. Access to software services from outside the Polar network requires secure HTTP logon.
Polar’s web-based application suite is designed around an industry standard three-tier configuration for servers. This design provides a scalable and redundant solution by compartmentalizing specific functions on separate dedicated servers that are optimized for that purpose. Each tier can then be further expanded as resource requirements grow. Polar also maintain a separate set of servers in this configuration for each of the development, QA/testing and staging/demo environments.
Database Server: The Database tier hosts customer data, base data, shared subscription data, reporting and account information for the web applications. Every customer has a dedicated SQL Server database which contains all their spatial and non-spatial data. This database is also used and maintained partially by the consulting services group so that any completed project work can quickly be made available to users via the applications.
Application/GIS Server: The application tier utilizes an ArcGIS Server site to provide map, feature, image, and geo-processing services. Map and tabular data is published either directly from enterprise databases, or from replicas and file folders on the GIS server. Additional GIS servers can be deployed to the site to increase capacity as requirements grow.
Web Server: This tier is the Internet-facing portal from which customers are able to access CORE and its various features. The web server grants access to the latest production versions of the web applications, as well as secure login access to map, web, and data services.
The cloud infrastructure which Polar uses is composed of a high availability VMware environment, and all virtual servers are designed to automatically failover to another host within minutes after a hardware failure. The services provider maintains redundant internet connections using Border Gateway Patrol, which means that if connectivity via one internet provider is lost, all connected systems will automatically failover to one of several other alternate carriers. Data storage and network connections are also designed for redundancy, so that any individual hardware failure can be bypassed.
Polar employs several levels of backup technology to ensure that both the application and customer-specific data is kept safe and secure. At the colocation facility where web applications are hosted, all of Polar’s virtual servers are backed up incrementally throughout the day, and then replicated to a secure offsite location each night. Using this combination of services ensures that local backups are readily available in case of a minor outage or data loss, and that in the case of a major disaster where the hosting location becomes unavailable, the entire production environment can be recovered and rebuilt with minimal loss of data.
Polar considers the continued operation of hosted services for its customers to be the highest priority. In the event of a long-term unplanned outage, or a more serious disaster which diminishes or prevents the operation of Polar’s services, several processes have been implemented to ensure business continuation. If the primary software hosting facility suffers a catastrophic failure from which recovery cannot be assured, then the restoration of priority systems serving Polar’s customers will be initiated. Since backups from the production environment are delivered daily to an offsite location, that location is the ideal site for temporary hosting. To this end, Polar ensures that suitable equipment is kept in operating condition and ready to deploy the backup servers at this location should the need arise.