Level Access Platform Resilience Statement
This document describes techniques and infrastructure elements Level Access (Level) uses to ensure the availability of the hosted AMP software service.
Level utilizes Amazon Web Services (AWS) hosting facilities to provide hosted AMP (Level’s Accessibility Management Platform) instances in the North America AWS regions.
AWS’s data centers and operations are highly-decorated. See the AWS Compliance Programs page for more details.
Level’s database layer is provided by the Amazon Aurora service under AWS. AWS provides multiple data centers commonly referred to as Availability Zones (AZ). Level utilizes multiple AZs in the development of our infrastructure to ensure redundant physical systems.
Aurora provides automatic failover to a live read replica in a different AZ. The application layer also provides automatic failover and self-heals if infrastructure resources within an AZ fail. Resources automatically rebalance when an AZ comes back. (Note: An AWS AZ outage is a rare occurrence, but Level designed the application for geographical redundancy to mitigate the effects of disasters.)
Aurora databases are continuously monitored for health. In the event of a database failure, AWS will automatically restart the database and associated processes. Aurora does not require crash recovery replay of database redo logs, greatly reducing restart times.
Fault Tolerance and Healing
Each chunk of the database volume is replicated six ways, across three AZs. This provides for highly fault-tolerant storage while transparently handling the loss of multiple copies without affecting database availability. In addition, storage is self-healing. Data chunks and disks are continuously scanned for errors and replaced automatically.
For immediate recoveries, back-up data and retention are configured to allow restoration of the database state to any point in time during the Level retention period. The Level retention period is configured to thirty-five days. These automated backups are stored in Amazon S3 which is designed to provide 99.999999999% durability of the backups. As the backups occur on an ongoing, incremental basis they have no impact on database performance.
Backed-up data is tested for consistency to ensure that it can be used to build a new environment.
The upgrade process includes full backups of the system prior to database and major application upgrades, and validation that the upgraded system functions as expected.
Platform upgrades occur on a continuous basis for normal releases and ad hoc for normal or emergency patches.
AMP’s database backups utilize industry standard encoding and storage schemas. Level does not utilize any proprietary encoding, storage mediums, or database structures.
Level’s schedule for the retention of ongoing backups of all critical system data is thirty-five days.
AMP is not dependent on external data feeds or interfaces to function, and any failures – outside of core network routing failures – are isolated to the specific hosting environment for AMP.
Level maintains redundancy in our Business Continuity Plan for all Business Continuity Roles.
Get in touch
Want to get in touch? We’d love to hear from you. Here’s how you can reach us…