Hosting, reliability and security
The physical hosting of our primary infrastructure is provided by Equinix, the world's leading provider of data centers with more than 145 data centers around the globe. Certified by several organizations (SSAE16, ISO, LEED, Uptime Institute), Equinix guarantees an average availability rate of over 99.99999%.
Our infrastructure is hosted in data centers located in Paris, allowing excellent connectivity in Europe and particularly in France.
Our servers are made up of hardware selected by our partner Alwaysdata, from the latest generations of professional ranges from renowned manufacturers (Intel, Western Digital, Supermicro
Electricity and air conditioning
- All the equipment (network hardware, servers) are powered by two totally independent electrical chains;
- Inverters and generators guarantee an uninterrupted power supply, even in the event of an ERDF outage on the site for several days;
- The air conditioning of the rooms is provided by two independent chains, capable of maintaining a stable temperature whatever the outside conditions;
- Simulations of electrical and air-conditioning failures are carried out every month to ensure the proper functioning of all equipment, including emergency equipment.
- All our servers are monitored by internal and external probes (located in many countries), allowing us to be alerted immediately in case of any anomaly that could not be automatically corrected by our monitoring tools;
- The engineers are on call 24 hours a day to intervene within minutes of detecting a breakdown;
- Technicians are present in our datacenters, 24 hours a day, to carry out manipulations on request of our engineers.
- Our connectivity is provided by 4 fully redundant network operators;
- All our network equipment (switches, routers) work in pairs, with hardware from 2 different manufacturers, ensuring continuity of service in case of hardware or software failure;
- Each server has a dual network connection to the switches, with automatic failover in case of failure.
- All disks are duplicated in real time (RAID) and can be exchanged without interruption (hot-swap) ;
- Spare hardware is available on site to immediately replace any faulty parts or even a complete server.
The access to the datacenters is done in a secure way with :
- Biometric recognition ;
- Name badges ;
- Security teams.
All our servers are :
- Protected by a firewall, with an automatic banning mechanism of IPs carrying out attacks ;
- Updated immediately upon discovery of a significant security breach.
Our network and all our servers are protected from DDoS attacks thanks to a 4-level defense:
- Each server is configured and optimized to be able to withstand medium sized attacks without manual intervention;
- In case of a larger attack, anti-DDoS protections are automatically activated with our network providers, thanks to 2 distinct and redundant implementations;
- For even more complex attacks, our engineers can define custom blocking rules, in coordination with our network providers' engineers if necessary;
- In the event of a hypothetical extremely massive attack (several hundred Gb/s), a DNS re-routing strategy to a third party provider can be set up and is regularly simulated.
We make backups of all our customers' data:
- on a daily basis;
- kept for 30 days ;
- directly accessible by our customers in read-only mode;
- stored in external data centres, located at least several kilometres away, and managed by a separate operator.
All measures are taken to ensure full compliance and to help you comply with the level of data you collect about your customers, employees and partners.
Specific features and measures
- SSL encryption of communications
- One-way password protected access with hashing / salting
- Full encryption of client files
- Listing and Data Centralization
- Reserved data access control
- Rights management by column
- Possibility to erase data
- Possibility of data portability
- History of all changes (when this function is activated by the customer)
- Logbook opening history (when this feature is enabled by the customer)
- List of subcontractors
- Verification of subcontractor compliance
- Notification in case of access to data
- Data Protection Officer
- Register category of activities performed on behalf of the client
- Guaranteed data availability and resilience
- Weekly tests of complete database recovery from backups
- Full pseudonymization of data for real-world testing on pre-production servers
- Test procedure
- Automatic daily backup running for 30 days
- Automatic multi-site backup
- Ability to allow contacts to view and update data with one click
- Ability to encrypt certain columns of data with a password
- New "encrypted" column type to protect sensitive information content
- Admin access restricted to 2 TimeTonic Managers only (CEO, CTO)
- New type of column "password" totally secure facilitating the creation of extranet
Features planned for the near future
- Possible pseudonymisation of data
- History of playback accesses by recording
- Read access history per file
- Export history by record
- Export history by table
You remain in control of your data. TimeTonic provides only a tool to centralize, manage and protect it, and cannot take detailed action on your behalf.
We do not access your data, do not know your data and do not give any access to your data to third parties, unless you expressly request and invite us to do so.
More details are provided in TimeTonic's Terms and Conditions of Use.