Even as we adapt to the new normal of virtual events, virtual gift cards can still get left out. While not as flashy as virtual events, gift sends can be a great way to remind your clients that you’re still thinking of them, even when you can’t see them in-person. They also help resolve the…
Inside Tech: Building a Secure Infrastructure
Technology is at the core of Kapow and a big part of that technology is our infrastructure. As we grow, we are continuously making improvements to the infrastructure to make it faster, more secure and easier to maintain. Our DevOps team recently completed a significant upgrade in this area, which we’ve dubbed “VPC 2.0.”
Our platform is hosted on AWS (Amazon Web Services) Elastic Beanstalk, which is a cloud service for hosting web applications. We chose to use a cloud service to host our apps because, among other reasons, it is much more scalable, less prone to service disruptions, and easier to implement than providing our own hardware in a datacenter.
By default, systems hosted on AWS are publicly available on the internet. This is the least secure and performant configuration for a platform like ours, which consists of multiple applications communicating with each other from different servers. In that case, the servers would have to use the internet to communicate with each other, which is slower and much less secure.
The next step up from that is the structure we had before this upgrade, “VPC 1.0”. A VPC, or Virtual Private Cloud, is a private network within the public cloud. Servers within the VPC can communicate privately with each other without going through the internet. With VPC 1.0, however, they were also exposed to the internet, which increases the surface area of our system that can be attacked by malicious agents.
Enter VPC 2.0. We now have only the necessary systems exposed to the internet. Along with the security advantages of this configuration, we can now separate customer traffic from internal API traffic. When we do large feature deployments that require downtime, we can continue serving up internal APIs for testing purposes while displaying a maintenance page to end users, so we can bring the site back up with confidence. We also now have the ability to secure our non-production environments using firewall rules rather than web server configuration, which is much easier to maintain and alter on the fly.
The VPC upgrade also gave our DevOps engineers a chance to convert all of our server provisioning and configuration steps to AWS CloudFormation, which is a service that automates the process of creating, updating, and deploying resources on AWS. This approach, known as “infrastructure as code”, makes deploying our platform easier, faster, and less error-prone. It allows us to respond more quickly to service outages — if one AWS region goes down, we can quickly redeploy our site, with all of the necessary backend services, in another. It also makes it easier to make future changes to the way we deploy because all the steps and configurations are in one central location, and we can use version control to audit and revert those changes if necessary, just as we do with our application code.
VPC 2.0 is a major step forward for Kapow’s technical infrastructure. It demonstrates our commitment to making our platform as secure and robust as possible, while also being easy to maintain as we continue to rapidly expand our product offerings.
UNIQUE EVENT IDEAS. REAL-TIME BOOKING.
Join thousands of companies who have booked online events with Kapow.Find Your Event
Like this post?
Sign up for insider tips, exclusive content and event suggestions in your city.