Learn about our infrastructure and how AskCody is built on Microsoft Azure
AskCody on Microsoft Azure
AskCody provides one unified SaaS solution for Resource Scheduling and Meeting Management built for Outlook and Office 365 helping organizations achieve meeting excellence. The Platform accommodates all organizational aspects of meetings, reducing the organizational load by minimizing the number of hours spent per employee on organizing and scheduling meetings while increasing operational efficiency. The AskCody Platform, therefore, eliminates office friction, improves productivity, and optimizes workplace utilization.
The AskCody Platform consists of different modules and elements including:
Meeting Room Booking and Management
Workspace Insights and Analytics
Meeting Room Displays
Canteen and Catering Management
Facilities Overview and Management
Vendor and Service Management
Visitor Management and Front Desk Software
All modules are delivered as a Software-as-a-Service only available through an active, paid subscription.
Infrastructure and backbone
Due to tight integration with our customers’ data and infrastructure (Exchange Server/Online, Active Directory, and Office 365), we aim to make our tech stack as simple as possible, while still making sure we have access to the newest technology and innovative services.
We actively utilize and leverage the Microsoft Azure Cloud for as many of our applications and services as we can. We keep as much of our technological stack centralized around Microsoft Azure Services to leverage the interconnectivity and features available from this interconnectivity.
Our entire platform and all services run on Microsoft Azure App Services and Microsoft Azure Kubernetes. For login and accessing the platform, we utilize SSO, Azure Key Vault or Modern Auth (OAuth 2.0). Our API’s and applications are built upon modern technologies such as .NET Core 2.0. We use best practice testing procedures, automated builds, continuous integration, and ReactJS. Further, we benefit from geo-redundant failover systems and back-ups built into our Microsoft Azure setup and configuration, integrated application access control, application logging, application monitoring, and service anomaly detection among a lot of other features.
We govern our innovation and development with processes that minimize the risk of human errors and unforeseen incidents, including peer-reviewing code, a clear chain of command in case of incidents, and clear, simple guidance for our co-workers.
AskCody on Microsoft Azure
AskCody comes as Software-as-a-Service that is built on Microsoft Azure and hosted in the Microsoft Azure cloud.
To get a full list of compliance offerings and to find audit information, go to the related certification on this link.
We benefit from Microsoft’s unmatched scale and experience running trusted enterprise cloud services around the globe. This is why AskCody is built on Microsoft Azure.
We leverage Microsoft’s deep investments in technology, operational processes, and expertise to provide a trusted platform for the AskCody solution. With Microsoft as our supplier of cloud services, we can take advantage of the Azure cloud more quickly while reducing security and compliance costs and minimizing risk to your organization.
We understand that to realize the benefits of cloud computing you as a company must be willing to trust your cloud provider with your data. When you invest in a cloud service, you must be able to trust that your data is safe, that data privacy is protected, and that you own and control your data in all its uses.
Locations and Regions
AskCody is divided into a European and North American setup due to data regulations based on the location you sign up for when you create your AskCody Account. Customer Data will never leave the Data Region on which the Customer Data is placed based on the location of the Customer, meaning the Customers in Europe will only be using Data Centers in Europe, and Customers in North America will only be using Data Centers in North America.
In Europe, AskCody utilizes North Europe (Primary) and West Europe (Secondary) Azure regions. In North America, we utilize East US (Primary) and West US (Secondary). Learn more about regions by clicking here.
The Azure service is fully managed by AskCody. Maintenance and updates are included in your subscription to AskCody.
All secondary data centers (West Europe and West US) works as a storage and geographically redundant backup. In the case of emergency and disaster recovery is needed, the recovery time is 12 hours maximum. The loss of data will be limited to the latest 15 minutes. Replication between primary and secondary data centers is happening at a maximum delay of 15 minutes.
Backup on Azure
AskCody stores all data with redundancy on Microsoft Azure. Our databases support point-in-time backups to the minute, with 31-day retention.
Business contingency on Azure in the event of serious disturbance
AskCody comes as a Software as a Service that is built on Microsoft Azure and hosted in the Microsoft Azure cloud. Azure operates in multiple geographies around the world. An Azure geography is a defined area of the world that contains at least one Azure Region. An Azure region is an area within a geography, containing one or more data centers. In Europe, we utilize the North Europe (Primary) and West Europe (Secondary) Azure regions. Please see detailed description above.
Each Azure region is paired with another region within the same geography, together making a regional pair.
The AskCody platform is built so that we replicate workloads across regional pairs to benefit from Azure’s isolation and availability policies. For example, planned Azure system updates are deployed sequentially (not at the same time) across paired regions. That means that even in the rare event of a faulty update, both regions will not be affected simultaneously. Furthermore, in the unlikely event of a broad outage, recovery of at least one region out of every pair is prioritized.
To see an example of a hypothetical application that uses the regional pair for disaster recovery please click here.
Deletion of Data
Deletion of data by the end of a subscription (Or assisting the Customer on GDPR matters)
It is AskCody’s responsibility to permanently destroy the Customer Data upon Customer’s request, with special emphasis on destroying all data in the scope in all locations and provide written certification of the destruction. AskCody shall at its own discretion determine data destruction schedules but shall wherever possible perform such destruction in accordance with the Customers' requested timetable. Supplier shall have the obligation to wipe persistent media used for storing Customers Data or secure deletion of Customers Data with related techniques before it is released into re-use.
Due to AskCody being built as a generic SaaS solution on Azure, AskCody doesn’t have physical access to wipe and destroy media used for Customer data on Azure.
For customer-specific data, we will manually remove all identifying calendar data associated with your account from our database. Derivate anonymized data (i.e. "Total events booked on a platform this month") will not be removed, as it cannot be linked back to source data. User accounts associated with your organization may also be removed on request.
When subscriptions end, Customer Data will be available on the backup to the maximum of 1 month (30 days) after which time the data will be completely unobtainable. All backup data is encrypted using TLS 1.2+.
Penetration testing on Azure
All the infrastructure on the Microsoft Azure Cloud is taken care of by the Microsoft Azure platform services. Microsoft performs penetration testing of the Azure environment. This helps improve our platform and guides actions in terms of improving security controls, introducing new security controls, and improving our security processes.
Vulnerability assessment on Azure
Vulnerability assessment in Azure Security Center is part of the Security Center recommendations that are built into Microsoft Azure and therefore AskCody. The Security Center Recommendations are monitored daily, and action is taken immediately if vulnerabilities are found.
Summary - AskCody's architecture in short and highlights
AskCody is built on Microsoft Azure PaaS + Microsoft Azure Kubernetes Services, running a global georedundant setup in both North America and Europe (GDPR compliant) with automatic failover and geographically redundant backup.
Modern, Reliable & Scalable:
- Build on Microsoft Azure, running Platform-as-a-Service / Azure Kubernetes Services
- Geo redundant setup with build-in, automatic failover and with Azure Traffic Manager as a DNS-based traffic load balancer. This service allows us to distribute traffic to our public facing applications across the global Azure regions. Traffic Manager also provides our public endpoints with high availability and quick responsiveness.
- Multi Tennant Platform, running on a single instance of the software with our supporting infrastructure serving multiple (all) customers. Each customer shares the software application and a single database. secured by logically separated UUID. Each tenant’s data is isolated and remains invisible to other tenants. Data is based on UUIDs so customer data are separated logically and secured from other customers.
- Azure Point in Time restore and backup
- Higher availability, lower latency, greater scale, and more secure experiences with Azure Front Door
- Running Microsoft Availability Zones; each region runs across three different Data Centres (That’s 4x3=12 Data Centers running AskCody for stability, redundancy and failover mitigation). Azure availability zones are connected by a high-performance network with a round-trip latency of less than 2ms. They help our data stay synchronized and accessible when things go wrong. Each zone is composed of one or more datacenters equipped with independent power, cooling, and networking infrastructure.
Secure & Compliant:
- GDPR compliant + InfoSec policy implemented and audited
- External ISAE 3000 reports audited yearly on information security and data processing
- OWASP 10 compliant
- External pen-test
- A+ SSL report (TLS 1.2+, SHA256withRSA signature algorithm)
- Azure Key Vault for credential storage
- SSO + OAuth 2.0