Your data and services, including redundancies and backups are contained within the safety of our virtual private network which is constantly monitored by next-generation heuristic threat detection and vulnerability assessment tools.
Our compute engine is backed by the power of the Microsoft Azure cloud which provides unparalleled uptime, security and service availability.
Credit Clear looks to encrypt as much data as possible both in transit and at rest within its system. Azure Databases use Transparent Data Encryption or TDE to secure their data at rest and SSL whilst communicating that data to the various services. All of the services within the Credit Clear stack use SSL to encrypt the messages that they pass between themselves and also to access their respective RavenDb databases, along with a set of api keys.
All connAll connections on port 80 are disallowed and redirected to 443 and secured via SSL through the use of HSTS (Http Strict Transport Security). The virtual machines that host the core services that power the Credit Clear system are all required to have their disks encrypted in order to be accepted into the cluster.
The actual Service Fabric cluster itself is secured using Azure Active Directory which is a hosted, secure application access management system.
The Credit Clear system is distributed for several reasons, chief among them is that being based on a consumer cloud failure is inevitable and therefore should be treated as a first class concern.The Engine is built on Service Fabric backed onto a VM Scale Set which provides self-healing and automatic scaling. These services can automatically detect when they have become unhealthy and have the cluster replace them with a new node.
The frontend offloads the majority of its load to a CDN making a DDOS attack tricky for the attacker and providing lightning fast response times for general use.
RavenDb is clustered with a multi-master setup which means losing a node is not a problem for the data store, the services are preprogrammed to automatically failover transparently.
The APIs are all hosted on Azure App Services in a cluster of their own, once they hit a certain size they’ll be placed behind a traffic manager and hosted in multiple zones to increase their resilience
All of our data is stored securely in the Microsoft Azure cloud complying with all data sovereignty laws and regulations. We ensure that all of you data stays safely within the borders and never leaves the safety of our secured network.