This article describes the monitoring framework Indivd uses to maintain operational reliability, data integrity, and security across its systems. It is intended for data protection officers, legal advisors, and others evaluating Indivd's technical and organisational security measures. This document does not constitute legal advice.
This article contains the following topics:
Monitoring scope and communication
- Operational hours: Certain services are monitored continuously (24/7). Others are monitored during specific location operating hours.
- Alerts and notifications: System administrators receive real-time alerts via Slack and email, enabling immediate response to potential issues.
- Continuous improvement: Monitoring routines and automatic recovery processes are reviewed and updated on an ongoing basis to maintain system resilience.
Data security and access
- Data residency: All log data is securely stored within the EU.
- System communication: Communication between systems is protected using secure protocols and stringent access rules.
- Access control: Access to monitoring tools is restricted to system administrators only.
Key monitoring components
VPN monitoring
- Connectivity checks: VPN connectivity is monitored to confirm that tunnels are operational and that servers at customer sites are accessible.
- Automatic recovery: Any disruption in VPN connectivity triggers an automatic restart. Administrators are notified promptly.
Server metrics
- Tools used: New Relic, tools provided by the data centre, and Digital Ocean's built-in monitoring for front-end and back-end systems.
- Metrics monitored: Disk space, load, storage capacity, and network performance.
Camera uptime
- Frequency: Cameras are checked every 10 minutes during operational hours to confirm they are active and transmitting data.
- Alert system: Alerts are issued for cameras that go offline. Unresolved issues are followed up manually.
Traffic and data flow
- Quality assurance: Camera streams are analysed for quality and data consistency using a dedicated service.
- Stream monitoring: If a camera stream fails to transmit data, an automatic restart is triggered and an alert is issued.
Container management
- Docker deployment: Back-end and insight systems operate within Docker containers.
- Alert triggers: An alert is generated if any container ceases to function.
Log management
- Monitoring scope: Service logs, system logs, and audit logs are all monitored.
- Alert triggers: Alerts are issued for log anomalies or suspicious activity. Automatic restarts are initiated for critical failures.
- Log processing: New Relic's EU service is used for centralised log processing and escalation management.
Critical services
- Operational integrity: All critical services are monitored to confirm they are active and functioning correctly.
Snapshot alerts
- Daily comparisons: Each night, the latest camera snapshots are compared against the previous day's data.
- Alert criteria: Significant changes in camera angles or image content trigger alerts for system administrator review.
Front-end and back-end health
- Hosting and monitoring: Both front-end and back-end systems are hosted on Digital Ocean and monitored through its built-in services.
- Database management: Database configurations are separately managed and monitored to ensure integrity and performance.
Backups
- Monitoring and validation: The creation and validation of backups are monitored to ensure data integrity and availability.
Comments
0 comments
Please sign in to leave a comment.