Platform

Thawte SSL Web Server Certificate with EV: SSL Web Server Certificates with EV to provide the most assurance to users. Extended Validation (EV) turns the address bar green in high-security browsers, showing that the organisation has met the industry’s highest standard of authentication. SSL Web Server Certificates with EV enables a 256-bit encryption in the latest operating systems and web browsers with server-gated cryptography (SGC).

The API is built in Laravel, an open-source framework following the model–view–controller (MVC) architectural pattern. Laravel is regarded as one of the most popular open-source frameworks with a modular packaging system and dedicated dependency manager, allowing different ways for accessing relational databases, utilities that aid in application deployment and maintenance, and its orientation toward syntactic sugar.

The API authenticates using a JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between the App and the server as a JSON object. This information can be verified and trusted as it is digitally signed. JWTs will be signed using a secret private key (with HMAC algorithm). Once the user is authenticated (logged in), each subsequent request will include the JWT, allowing the user to access routes, services, and resources that are permitted with that token. JWT defines a way in which certain common information pertaining to the process of authentication/authorisation may be represented. The data format is JSON, JWTs carry certain common fields such as subject, issuer, expiration time, etc. JWTs become really useful when combined with other specs such as JSON Web Signature (JWS) and JSON Web Encryption (JWE).

Together these specs provide not only all the information usually needed for an authorisation token, but also a means to validate the content of the token so that it cannot be tampered with (JWS) and a way to encrypt information so that it remains opaque to the client (JWE).

Physical Security

Each Rackspace data center is restricted by biometric authentication, keycards, and 24x7x365 surveillance. These help ensure that only authorized engineers have access to routers, switches and servers.

Power

Rackspace power systems deliver conditioned power while protecting against sags, surges, swells, spikes and electrical noise. Uninterruptible power supplies (UPS) provide instant failover for continuity during a power outage. And our on-site, always-fueled diesel generators are prepared to pick up the load quickly during extended outages.

Cooling

Rackspace N+2 redundant chiller configuration uses a combination of centrifugal chillers, cooling towers, chilled water loop pumps and condenser water loop pumps — with redundant water sources.

HVAC

Rackspace precision Heating, Ventilation and Air Conditioning (HVAC) environment includes HEPA-equipped air handling units that remove dust and contaminants. In the event of an HVAC system failure, we have redundant HVAC systems for immediate failover.

Network

Rackspace robust network includes nine backbone providers, allowing us to shift traffic as needed. This configuration, co-developed with Cisco, guards against single points of failure at the shared network level (extendable to your VLAN environment).

The platform is inline with code of ethics and best practice setup by the Open Web Application Security Project (OWASP) and adheres to the Data Protection Act (DPA), General Data Protection Regulation (GDPR), the Regulation of Investigatory Powers Act (RIPA), Criminal Procedure and Investigations Act (CPIA), the European Convention on Human Rights (ECHR).

As the platform is highly configurable, it is recommended that you work with our support team to ensure that the platform is setup and adheres with your specific compliance requirements. Zinc staff adheres to our security polices and standards implemented (documentation available on request).

Rackspace Managed Hosting adheres to: ISO 27002, ISO 27001, PCI-DSS (PAYMENT CARD INDUSTRY DATA SECURITY STANDARD), SSAE16, SOC 1, SOC 2, SOC 3, SAFE HARBOR, CONTENT PROTECTION AND SECURITY STANDARD (CPS).