Note: Usage of "we" and "our" indicates Bloom Growth. Usage of "you" and "yours" indicates current, former and potential users of our services and visitors to our websites.
Bloom Growth is hosted on Amazon Web Services (AWS). As an AWS hosted website, we enjoy all security best practices implemented by Amazon (the same ones Amazon.com uses). Bloom Growth uses Elastic Beanstalk (a product of AWS) to scale up with demand and provide website redundancy through multiple servers hosting Bloom Growth. This means if one server goes down, others take its place automatically. It also means if we experience unusually high traffic, more servers come online to handle the workload. Currently, our servers are located in various availability zones throughout the United States in secure AWS facilities.
Your data is protected from the outside world. The Bloom Growth database is only accessible from over Amazon's private network, and, even then, only visible to other Bloom Growth servers. This information is inaccessible to the outside world except through the Bloom Growth website and only when signed in as an authorized user. All data-in-motion (anything that you would see visiting https://traction.tools) is encrypted with SSL and cannot be read if intercepted in transit.
The Bloom Growth web service is hosted on virtual servers which are logically isolated from other AWS virtual servers. Web Services may share hardware but have separate operating and memory space.
From AWS Security Whitepaper (August 2016)
AWS’s data centers are state of the art, utilizing innovative architectural and engineering approaches. Amazon has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure. AWS data centers are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.
Bloom Growth is made up of several microservices, some of them their own separate database. Currently, all servers are located in the same availability zone as their respective database. This significantly reduces latency. The database is replicated in multiple availability zones. In the event of a database failure, database access fails-over to another availability zone temporarily.
The main Bloom Growth website is located in the Oregon availability zone, in two of the following near either Grandview, Antelope or Mitchell. Additional services are located in North Virginia near either Montvale, Buena Vista or Lynchburg. The exact location of the servers are kept secret by Amazon for additional security.
Yes. Additional resources are provisioned automatically through AWS as needed.
From AWS Security Whitepaper (August 2016)
SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70), SOC 2, SOC 3, FISMA, DIACAP, and FedRAMP, DOD CSM Levels 1-5, PCI DSS Level 1, ISO 9001 / ISO 27001, ITAR, FIPS 140-2, MTCS Level 3
A self-hosted version of Bloom Growth is not part of our product development roadmap.
Automatic backups are performed daily and are retained for 7 days. Permanent backups are made monthly.
Only the Customer Support and Engineering departments have access and only in assisting you at your request. No third-party has access to your data. We maintain audit logs for every request made to the website.
Not at this time.
We understand that having access to your data at all times is of utmost importance. This is one of the reasons we selected Amazon Web Services for Bloom Growth software, given their strong infastructure and committment to maintaining maximum uptime.
We are currently offering 99.95% uptime. We are always working to improve this number.